ESP-Nodes/ESP32_Temperture-Node
2024-07-04 00:18:33 -04:00
..
.vscode . 2024-05-11 23:52:19 -04:00
assets MQTX 2024-03-07 15:10:11 -05:00
include ESP32 Temperature Node 2023-12-17 12:01:42 -05:00
lib ESP32 Temperature Node 2023-12-17 12:01:42 -05:00
src . 2024-07-04 00:04:19 -04:00
test ESP32 Temperature Node 2023-12-17 12:01:42 -05:00
.gitignore ESP32 Temperature Node 2023-12-17 12:01:42 -05:00
ESP32_Temperture-Node.code-workspace . 2023-12-17 12:03:56 -05:00
platformio.ini i2c 2023-12-17 15:59:01 -05:00
README.md . 2024-07-04 00:18:33 -04:00

ESP32 MQTT SSL Temperature Node

MQTT Mosquito Broker

Mosquitto broker can be easily deployed using Docker compose file shown below. In the example below, MQTT broker listens to the ports 1883 (unecrypted) and 8883 (encrypted SSL).

Note

Compose file below declares two volumes (config and data) to persistantly store Mosquitto configuration and data.

version: "3.8"
services:
  mosquitto-esp32:
    image: eclipse-mosquitto:latest
    volumes:
      - /srv/dev-disk-by-label/docker/volumes/mosquitto/config:/mosquitto/config
      - /srv/dev-disk-by-label/docker/volumes/mosquitto/data:/mosquitto/data
    networks:
      - IoT
    ports:
      - 1883:1883
      - 8883:8883
      - 9001:9001
    restart: unless-stopped
networks:
  IoT:
    external: true

mosquitto.conf

Note

If you are using IP addresses, then issue certificates and keys to the corresponding IP address of MQTT brocker

## List ports listen to
listener 1883
listener 8883

cafile /mosquitto/config/certs/esp32_ca.crt
certfile /mosquitto/config/certs/esp32.crt
keyfile /mosquitto/config/certs/esp32.key

allow_anonymous true
persistence true
persistence_location /srv/dev-disk-by-label/docker/columes/mosquitto/data/

ESP32 MQTT Client

The two lines of code shown below are the most crucial as they are responsible for connecting ESP32 to the MQTT broker.

Note

A set of SSL certificates and key used by ESP32 MQTT client must correspond to ones used by MQTT brocker. Otherwise, secure connection won't be established.

espClientSSL.setCACert(NODE_CERT_CA);
espClientSSL.setCertificate(NODE_CERT_CRT);
espClientSSL.setPrivateKey(NODE_CERT_PRIVATE);
connection.setServer(mqtt_server, 8883);    // mqtt_server -> 192.168.50.16

secrets.h

Note

Create file called secrets.h to store configuration information about Wi-Fi, and encryption keys, but exclude it from being pushed to GitHub

const char* WIFI_SSID = "IoT_bots";
const char* WIFI_PASSWORD = "212212212";
const char* mqtt_server = "192.168.50.16";

// MQTT Broker Root CA
static const char NODE_CERT_CA[] PROGMEM = R"EOF(
-----BEGIN CERTIFICATE-----
< Cut&Paste content of CA certificate over here >
-----END CERTIFICATE-----
)EOF";

// MQTT Client Certificate
static const char NODE_CERT_CRT [] PROGMEM = R"EOF(
-----BEGIN CERTIFICATE-----
< Cut&Paste content of client certificate over here >
-----END CERTIFICATE-----
)EOF";

// MQTT Client Key
static const char NODE_CERT_PRIVATE [] PROGMEM = R"EOF(
-----BEGIN CERTIFICATE-----
< Cut&Paste content of client key over here >
-----END CERTIFICATE-----
)EOF";

Issuing Self-Generated SSL Certificates & Keys