Last Updated
Viewed 11 Times

I try to connect my ESP32 to an MQTT broker using SSL.

WiFiClientSecure espClient;
MQTTClient client;

const char* mqtt_server = "a0dda4ea-dcaf-408d-...";
const char* ca_cert = \
"-----BEGIN CERTIFICATE-----\n" \
"MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh\n" \
"c+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0\n" \
"j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz\n" \
"-----END CERTIFICATE-----\n";

const char* cert = \
"-----BEGIN CERTIFICATE-----\n" \
"k7QMObr9H2Pf/xzj8vWnDdshvMHXyuwELA2ExEuW/II=\n" \
"-----END CERTIFICATE-----\n";

const char* key = \
"-----BEGIN RSA PRIVATE KEY-----\n" \
"MIIEpAIBAAKCAQEA3RrsSgye/7a5vxoXQldQB1L4gg/bu3HDaIx74ojJezH0VjEi\n" \
"sEN+EfBNH8GA9b3T8906kkml0B3U3+qO/CUrRgaagB09xgPKIoPbog==\n" \
"-----END RSA PRIVATE KEY-----\n";

void connect() {
    while (!client.connect("fullReader", false)) {


void setup()

  Serial.println("connected...yeey :)");


  client.begin(mqtt_server, 8883, espClient);

Unfortunately this always leads to the error

[E][ssl_client.cpp:33] _handle_error(): [start_ssl_client():199]: (-29312) SSL - The connection indicated an EOF
[E][WiFiClientSecure.cpp:132] connect(): start_ssl_client: -29312

I've verified with a MQTT client (MQTTBox) that the certificate and private key are correct. There I can connect to the broker. Do you have an idea what might be the issue?

I'm new with arduino/ESP32. I want to control several servo motors with the help of ESP32. I want to control all servos at different speeds and want to use sine wave logic to control the speed.

I have code that can control 2 servos seperataly. I have attached the code here,

#include <ESP32Servo.h>
#include "esp32-hal-ledc.h"
// create two servo objects 
Servo servo1SV;
Servo servo2SV;

// Published values of servos; adjust if needed
int minUs = 550;
int maxUs = 2250;

// These are all GPIO pins on the ESP32
// Recommended pins include 2,4,12-19,21-23,25-27,32-33 
int servo1SVPin = 15;   //outlet valve
int servo2SVPin = 16;   //inlet valve

int pos = 0;      // position in degrees
ESP32PWM pwm;
void setup() {
    servo1SV.setPeriodHertz(50);      // Standard 50hz servo
    servo2SV.setPeriodHertz(50);      // Standard 50hz servo

void loop() {
    servo1SV.attach(servo1SVPin, 500, maxUs);
    servo2SV.attach(servo2SVPin, minUs, maxUs);  

//// About outlet valve

    for (pos = 0; pos <= 85; pos += 1) { // sweep from 0 degrees to 85 degrees
        // in steps of 1 degree
        delay(10);             // Opening of outlet valve
 delay(5000);            // Outlet valve stay openned for 5 sec 

    for (pos = 85; pos >= 0; pos -= 1) { // sweep from 85 degrees to 0 degrees
        delay(10);            // closing of outlet valve

// About inlet valve

    for (pos = 0; pos <= 70; pos += 1) { // sweep from 0 degrees to 70 degrees
        // in steps of 1 degree
        delay(10);             // Opening of inlet valve 
  delay(5000);            // Inlet valve stay openned for 5 sec

    for (pos = 70; pos >= 0; pos -= 1) { // sweep from 70 degrees to 0 degrees
        delay(10);            // Opening of inlet valve


I want the same output that is given by this code but using sine wave. But I don't know how to implement sine wave logic in ESP32. How can I do that?

Similar Question 2 : ESP32 MicroPython SSL WebSocket

I successfully managed to connect my ESP32 to a WebSocket server. Now I am trying to make it work with SSL. I tried this simple code to connect to I used this to generate the cert and key.

openssl req -newkey rsa:2048 -nodes -keyout client.key -x509 -days 365 -out client.crt


Then copy over the key and cert files with adafruit-ampy. Don't forget to change your serial port.

ampy -p /dev/tty.SLAB_USBtoUART put client.crt
ampy -p /dev/tty.SLAB_USBtoUART put client.key

This is the code on the ESP32

import ussl
import usocket
import networking

KEY_PATH = "client.key"
CERT_PATH = "client.crt"
HOST, PATH, PORT = "", "/" 443

with open(KEY_PATH, 'rb') as f:
    key1 =

with open(CERT_PATH, 'rb') as f:
    cert1 =

s = usocket.socket(usocket.AF_INET, usocket.SOCK_STREAM)
addr = usocket.getaddrinfo(HOST, PORT)[0][-1]
sock = ussl.wrap_socket(s, key = key1, cert = cert1)
sock.write(bytes('GET /%s HTTP/1.0\r\nHost: %s\r\n\r\n' % (PATH, HOST), 'utf8'))

I get this error:

mbedtls_ssl_handshake error: -7280
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
OSError: [Errno 5] EIO

Has anyone successfully used ssl socket_wrap on ESP32?

EDIT (23.12.2018):

I managed to finally get something working, fetching HTML from google over HTTPS, yee. Check code above. Hope this helps. I assume the MicropPython port for ESP32 has been getting better and this is the reason this works now.

Next step is to get the SSL WebSocket working ...

EDIT (09.06.2019):

It's working now. This library works great for what I intended to do

I have the following Arduino code I'm using with an ESP32:

  if(!SPIFFS.begin(true)) {
    Serial.println("Error mounting SPIFFS.");

  File file ="/root.cer");

  if(!file) {
    Serial.println("Error opening the file.");

  Serial.println("CA Root certificate: ");

  String ca_cert = file.readString();



This is the relevant code for loading a file and setting the WiFiClientSecure's CA certificate. This code does not work.

However, if I replace espClient.setCACert(ca_cert.c_str()); with espClient.setCACert(ROOTCERT); where ROOTCERT is defined as such:

#define ROOTCERT "-----BEGIN CERTIFICATE-----\n" \
"AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O\n" \
"rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq\n" \
"OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b\n" \
"xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw\n" \
"7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD\n" \
"aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV\n" \
"SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69\n" \
"ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr\n" \
"AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz\n" \
"R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5\n" \
"JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo\n" \
"Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ\n" \
"-----END CERTIFICATE-----\n" 

The code works.

The ROOTCERT string is taken directly from the certificate file, so they must be identical.

The certificate file was downloaded and exported using Windows's certificate exporter. I've tried converting line endings to no avail.

EDIT: I've found a clue.

If I do the following:

String constString = ROOTCERT;

It also does not work.

And I added this code:

 if(strcmp(constString.c_str(), ROOTCERT))
     Serial.println("Constant and converted string are equal.");
     Serial.println("Constant and converted string are different.");

And it prints "Constant and converted string are different."

So it appears to be some kind of problem with how .c_str() does things? I have no idea what this could be, though. When printed to the console, the .c_str(), ROOTCERT and ca_cert Strings all appear IDENTICAL.

I am completely confused here.

Turns out I was using strcmp() incorrectly. Things are still not working.

Similar Question 5 (1 solutions) : ESP32 to ESP32 WiFi Server/Client Problem

Similar Question 7 (1 solutions) : How to operate sd module in esp32?

Similar Question 9 (1 solutions) : ESP32 OTA update keeps crashing on start