2019-11-21 03:39 AM
Hi, I’m trying to establish TLS communication with my local mosquitto broker.
The handshake always fails, the broker does not accept the hello client and I cannot understand why …
Below are the decoded messages that pass over the network.
The messages were captured with Wireshark:
Secure Sockets Layer
    TLSv1.2 Record Layer: Handshake Protocol: Client Hello
        Content Type: Handshake (22)
        Version: TLS 1.2 (0x0303)
        Length: 81
        Handshake Protocol: Client Hello
            Handshake Type: Client Hello (1)
            Length: 77
            Version: TLS 1.2 (0x0303)
            Random
            Session ID Length: 0
            Cipher Suites Length: 6
            Cipher Suites (3 suites)
                Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c)
                Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
                Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)
            Compression Methods Length: 1
            Compression Methods (1 method)
                Compression Method: null (0)
            Extensions Length: 30
            Extension: signature_algorithms
                Type: signature_algorithms (0x000d)
                Length: 10
                Signature Hash Algorithms Length: 8
                Signature Hash Algorithms (4 algorithms)
                    Signature Hash Algorithm: 0x0603
                    Signature Hash Algorithm: 0x0503
                    Signature Hash Algorithm: 0x0403
                    Signature Hash Algorithm: 0x0303
            Extension: elliptic_curves
                Type: elliptic_curves (0x000a)
                Length: 6
                Elliptic Curves Length: 4
                Elliptic curves (2 curves)
                    Elliptic curve: secp384r1 (0x0018)
                    Elliptic curve: secp256r1 (0x0017)
            Extension: ec_point_formats
                Type: ec_point_formats (0x000b)
                Length: 2
                EC point formats Length: 1
                Elliptic curves point formats (1)
                    EC point format: uncompressed (0)
config.h is the “suite-b” proposed by Mbed …
I also tried to configure the mosquitto broker with “ciphers ALL” but nothing changed …
The broker’s response is always the following:
Secure Sockets Layer
    TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Handshake Failure)
        Content Type: Alert (21)
        Version: TLS 1.2 (0x0303)
        Length: 2
        Alert Message
            Level: Fatal (2)
            Description: Handshake Failure (40)
Is there anyone who can help me?
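
An added example, not part of the original post: a small Python parser that rebuilds the Client Hello from the field values in the capture above and lists what the client offered, including the authentication type its cipher suites require. The function names are this example's own, and the 32-byte Random is zero-filled because the post does not show it.

```python
import struct

SUITES = {0xC02C: "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
          0xC02B: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
          0x00FF: "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"}

def build_sample():
    """Constructed record: field values from the capture, Random zero-filled."""
    exts = (struct.pack("!HHH4H", 0x000D, 10, 8, 0x0603, 0x0503, 0x0403, 0x0303)
            + struct.pack("!HHH2H", 0x000A, 6, 4, 0x0018, 0x0017)
            + struct.pack("!HHBB", 0x000B, 2, 1, 0))
    body = (b"\x03\x03" + bytes(32) + b"\x00"
            + struct.pack("!H3H", 6, 0xC02C, 0xC02B, 0x00FF)
            + b"\x01\x00" + struct.pack("!H", len(exts)) + exts)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x03" + struct.pack("!H", len(hs)) + hs

def u16_list(buf):
    """Decode a vector of 16-bit values that has a 2-byte length prefix."""
    n = struct.unpack_from("!H", buf, 0)[0]
    return [struct.unpack_from("!H", buf, 2 + i)[0] for i in range(0, n, 2)]

def parse_client_hello(record):
    ctype, _ver, rlen = struct.unpack("!BHH", record[:5])
    hs = record[5:]
    if ctype != 22 or rlen != len(hs) or hs[0] != 1:
        raise ValueError("expected one complete ClientHello record")
    p = 4 + 2 + 32                      # handshake header, version, random
    p += 1 + hs[p]                      # session id
    suites = u16_list(hs[p:])
    p += 2 + 2 * len(suites)
    p += 1 + hs[p] + 2                  # compression methods, extensions length
    out = {"suites": suites, "sig_algs": [], "curves": []}
    while p + 4 <= len(hs):
        etype, elen = struct.unpack_from("!HH", hs, p)
        data = hs[p + 4:p + 4 + elen]
        key = {0x000D: "sig_algs", 0x000A: "curves"}.get(etype)
        if key:
            out[key] = u16_list(data)
        p += 4 + elen
    return out

def server_auth_types(suites):
    """Authentication part (e.g. ECDSA) of each offered suite named in SUITES."""
    names = [SUITES.get(s, "") for s in suites]
    return sorted({n.split("_")[2] for n in names if "_WITH_" in n})

if __name__ == "__main__":
    print(server_auth_types(parse_client_hello(build_sample())["suites"]))
```

The list returned by `server_auth_types` is what to compare against the key type of the certificate and the cipher list configured on the broker.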