I’ve been having some difficulty for a number of weeks trying to debug an issue connecting an ESP32 (using IDF) to my MQTT server using TLS. I’m getting an error:
error:1402542E:SSL routines:ACCEPT_SR_CLNT_HELLO:tlsv1 alert protocol version
I initially started out using Let’s Encrypt certs but in an effort to get even a successful test connection, I’m currently using self signed certificates. I am getting the same I’ve been following plenty of guidance / troubleshooting but haven’t found much in terms of the similar issues (certainly not within the esphome ecosystem).
My ESP32 yaml is below and I’m using 2023.7.1 (recently upgraded as a troubleshooting step):
esphome:
name: test
friendly_name: test
esp32:
board: esp32dev
framework:
type: esp-idf
version: recommended
# Custom sdkconfig options
sdkconfig_options:
CONFIG_COMPILER_OPTIMIZATION_SIZE: y
# Advanced tweaking options
advanced:
ignore_efuse_mac_crc: false
mqtt:
broker: FQDN
username: username
password: password
client_id: .friendly_name.
port: 8883
discovery_prefix: friendly_name/alive
log_topic: friendly_name/logs
skip_cert_cn_check: true
idf_send_async: false
certificate_authority: |
-----BEGIN CERTIFICATE-----
ca.cert contents
-----END CERTIFICATE-----
Below are 1) my mosquitto config related to TLS 2) Mosquitto log extract 3) esphome device logs:
# Secure mqtt
listener 8883
certfile /mosquitto/certs/server.crt
cafile /mosquitto/certs/ca.crt
keyfile /mosquitto/certs/server.key
tls_version tlsv1.2
INFO ESPHome 2023.7.1
INFO Reading configuration /config/test.yaml...
INFO Starting log output from test/logs
INFO Successfully reconnected to the MQTT server
INFO Successfully reconnected to the MQTT server
INFO Successfully reconnected to the MQTT server
INFO Successfully reconnected to the MQTT server
Any guidance / support technical or moral would be greatly appreciated.