MQTT Broker Connection Issue

XBee & XBee Gateway XBee Micropython & IDE plugin
,
1

We have been experiencing issues in connecting to an MQTT broker using SSL/TLS authentication. We are using a Digi XBee 3 Cellular LTE-M/NB-IoT modem in trying to establish this connection.

I have been using a modified version of the script from page 158 of the “Digi MicroPython Programming guide” in conjunction with the simple.py MQTT connection module in this testing. I’ve installed the modem in a Digi XBee TH development board and monitor the testing progress using the MicroPython Terminal in XCTU.

I’ve found that if I use an unmodified version of simple.py, I receive a “TypeError: must use IPPROTO_SEC” message from MicroPython. If I use a modified version of simple.py that supports IPPROTO_SEC connections, a connection occurs, but I receive a CONNACK message from the broker indicating that the connection was refused due to an authentication failure.

The following is the main.py script I’m using in this testing (I’ve masked the USERNAME and PASSWORD for security reasons):

======================

from umqtt.simple import MQTTClient
import time, network

CLIENT_ID = ‘B4KZWFYIBE3LZO35ZUGWKZQG4YTSOJQHE3GMMJUGQ3DAMBQ’
MQTT_BROKER = ‘x658ebb8.ala.us-east-1.emqxsl.com
PORT = 8883
USERNAME = 'XXXXXXXXXX
PASSWORD = ‘XXXXXXXXXX’
TOPIC = ‘testtopic/1’

import socket, ssl
ssl_params = {‘ca_certs’: “/flash/cert/emqxsl-ca.crt”} # ssl certs
conn = network.Cellular()
while not conn.isconnected():
print(“waiting for network connection…”)
time.sleep(4)
print(“network connected”)

def publish_test(clientId=CLIENT_ID, hostname=MQTT_BROKER, sslp=ssl_params):

c = MQTTClient(CLIENT_ID, MQTT_BROKER, port=PORT, user=USERNAME, password=PASSWORD, ssl=True, ssl_params=sslp)
print("connecting...")
print(USERNAME)
print(PASSWORD)
c.connect()
print("connected")

print("publishing message...")
c.publish(TOPIC, '{"message": "HELLO"}')
print("published")
c.disconnect()
print("DONE")

publish_test()

=====================
]
I should mention that this problem only occurs using MicroPython code with the Digi modem. Running similar scripts using the PyCharm IDE with CPython on a PC results in successful connections with the broker.

Any help with this would be appreciated.

2

The port number for TLS is 8443.

3

Thanks for your response, mvut. I believe 8443 is the port used for HTTP TLS connections, while 8883 is used for MQTT connections. Port 8883 does work when the script is run in the PyCharm IDE on my PC; the problem only occurs when using the XBee device. I tested port 8443 with the XBee and was unable to connect to the MQTT broker.

4

What version of the XBee firmware are you working with?

Have you included the certificates in the /cert directory on the radio?

Are they listed in the $0 command?

5

(1) I’m using firmware version 11420.

(2) The certificate is located in the flash/cert directory.

(3) I did not have the certificate listed in the $0 command previously. I added it using XCTU and retested the script but got the same result as before.

6

Did you upload the certificate via the Securely option?

7

No I did not. I tried replacing the previous upload with a secure upload but it didn’t make any difference.

8

This is where I would suggest submitting a support case to Digi tech support. You can do that by going to my.digi.com or https://www.digi.com/support/submit-support-case#Submit%20a%20Case

9

I’ve submitted a support case. Thanks for your help.