Unable to connect to the EMQX broker from PLC via LMQTT library
I need to set up MQTT communication with an EMQX broker via TLS, but when I try to connect to the broker, I get error 16#8730 and diagnostics subfunction 5. According to the documentation, the error lies in non-authorization (incorrect password or username), but I'm pretty sure I have the correct credentials. I protect the project with security and added a CA certificate downloaded from EMQX.
(EMQX certificate (CA) I added to the Certification Manager into Certificate Authority (CA) tab. Later I found out that in the MQTT example they added certificate into Trusted certificate and root certificates tab. Could this be causing this problem?)
Information:
PLC: S7-1200, firmware v4.5
LMQTT 4.0.2, TIA Portal v17.
In the attached image, you can see my LMQTT configuration.
(I tried to set keepAlive or willTopic, but it still doesn't work.)
Thanks for help!
After an extensive investigation, I found that the PLC S7-1200 does not support TLS with SNI. However, most cloud serverless brokers, such as HiveMQ and EMQX, require SNI support.
The solution is to create a custom broker (for example, Mosquitto) and set up TLS without SNI. I've successfully set up Mosquitto on my Raspberry Pi with a static IP, and it now works flawlessly.
- Composer Curl error 60: SSL certificate problem: unable to get local issuer certificate
- How to install trusted CA certificate on Android device?
- Getting Chrome to accept self-signed localhost certificate
- Can't establish SSL connection to MongoDB from NodeJS program
- Getting CERTIFICATE_VERIFY_FAILED when trying to use slackclient and python 2.7
- How do I configure Nginx Proxy Manager to proxy an OnlyOffice Document Server Docker container?
- How can I redirect a Flutter web application to https?
- How to run Angular e2e with SSL enabled?
- Issues with installing python libraries on Windows : CondaHTTPError: HTTP 000 CONNECTION FAILED for url <https://conda.anaconda.org/anaconda/win-64
- How to make a TLS connection between two peers using Rust
- How can I know if the request to the servlet was executed using HTTP or HTTPS?
- SSL error downloading NLTK data
- SSL Localhost Privacy error
- How to fix proxyconnect tcp: tls: first record does not look like a TLS handshake
- How to disable or ignore the SSL for the Yfinance package
- Local file as absolute vs relative url: bad for performance or no difference?
- cURL not working (Error #77) for SSL connections on CentOS for non-root users
- PHPMailer - OpenSSL Error
- ftplib storbinary with FTPS is hanging/never completing
- curl: (60) SSL certificate problem: when uploading behind proxy
- Multiple domains and multiple certificates pointing to one MVC app
- Get "https://zzzztower.zzzz.com/api/v2/hosts/": x509: certificate relies on legacy Common Name field, use SANs instead
- traefik acme http challenge yields "No default certificate, fallback to the internal generated certificate"
- ASP.NET Core Development Certificates - error exporting the HTTPS developer certificate
- kex_exchange_identification: Connection closed by remote host
- Is there a way to securely transmit data (a TLS version) in 32 byte packets?
- How to install a cipher suite on Windows Server 2012
- Trying to set Http to Https Redirect on Nginx
- Make OpenSSL accept expired certificates
- Error when using selfhosted (Jetty) Metabase with ssl inside docker container