Eclipse Paho C Client SSL connection on iOS -
i've been trying days establish secure (ssl/tls) connection ibm messagesight virtual appliance using equivalent of latest eclipse paho c client library, ibm websphere mq client pack ma9b mobile v1.0.0.4.
client side:
objective-c code:
... client = [client initwithhosts:hosts ports:ports clientid:clientid]; connectoptions *opts = [[connectoptions alloc] init]; opts.timeout = 3600; /* opts.username = @"******"; opts.password = @"******"; */ opts.cleansession = cleansession; opts.willmessage = nil; nsbundle *mainbundle = [nsbundle mainbundle]; nsstring *ksfile = [mainbundle pathforresource: @"clientkeystore" oftype: @"pem"]; nsstring *pkfile = [mainbundle pathforresource: @"clientkey" oftype: @"pem"]; nsstring *tsfile = [mainbundle pathforresource: @"rootcakey" oftype: @"pem"]; if (debug) { nslog(@"bundle ==> %@", mainbundle); nslog(@"clientkeystore ==> %@", ksfile); nslog(@"clientkey ==> %@", pkfile); nslog(@"truststore ==> %@", tsfile); } ssloptions *ssl = [[ssloptions alloc] init]; ssl.enableservercertauth = no; // ssl.enabledciphersuites = @"sha2"; ssl.keystore = ksfile; ssl.privatekey = pkfile; ssl.privatekeypassword = @"******"; ssl.truststore = tsfile; opts.sslproperties = ssl; [client connectwithoptions:opts invocationcontext:self oncompletion:callback];
this objective-c code i've used interact c library through it's wrapper (mqttocclient.h/m).
now specs:
- ios 7.1 onwards, xcode 6.3.1 (simulator).
- ios 8.3, xcode 6.3.1 (iphone 5s).
- mqtt ios client: ibm websphere mq client pack ma9b mobile v1.0.0.4 (http://www-01.ibm.com/support/knowledgecenter/?lang=en#!/ssfksj_7.5.0/com.ibm.mm.tc.doc/tc10120_.htm).
trace:
i've enabled trace mode on library through 2 environment variables:
mqtt_c_client_trace_level = maximum mqtt_c_client_trace = on
and output:
d] >>messagingclient::connectwithoptions i] first serveruri ssl://example.com:1884 ========================================================= trace output product name: paho asynchronous mqtt c client library version: ##mqttclient_version_tag## build level: ##mqttclient_build_tag## openssl version: openssl 1.0.1h 5 jun 2014 openssl flags: compiler: /applications/xcode.app/contents/developer/usr/bin/gcc -arch i386 -isysroot /applications/xcode.app/contents/developer/platforms/iphonesimulator.platform/developer/sdks/iphonesimulator7.1.sdk -miphoneos-version-min=7.1 -dopenssl_threads -d_reentrant -ddso_dlfcn -dhave_dlfcn_h -o3 -isysroot /applications/xcode.app/contents/developer/platforms/iphonesimulator.platform/developer/sdks/iphonesimulator7.1.sdk -fomit-frame-pointer -fno-common openssl build timestamp: built on: thu jun 5 14:59:07 bst 2014 openssl platform: platform: iphoneos-cross openssl directory: openssldir: "/tmp/openssl-1.0.1h-ios-i386" ========================================================= 19691231 200000.000 allocating 32 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/linkedlist.c line 56 ptr 0x7a068df0 19691231 200000.000 (42856916) (1)> socket_outinitialize:124 19691231 200000.000 (42856916) (2)> socketbuffer_initialize:85 19691231 200000.000 allocating 32 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/socketbuffer.c line 73 ptr 0x79f75480 19691231 200000.000 allocating 1008 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/socketbuffer.c line 75 ptr 0x7a917000 19691231 200000.000 allocating 32 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/linkedlist.c line 56 ptr 0x79f791c0 19691231 200000.000 (42856916) (2)< socketbuffer_initialize:89 19691231 200000.000 allocating 32 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/linkedlist.c line 56 ptr 0x79f792a0 19691231 200000.000 allocating 32 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/linkedlist.c line 56 ptr 0x79f786f0 19691231 200000.000 allocating 32 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/linkedlist.c line 56 ptr 0x7a26ba90 19691231 200000.000 (42856916) (1)< socket_outinitialize:137 19691231 200000.000 allocating 32 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/linkedlist.c line 56 ptr 0x7a26bcb0 19691231 200000.000 allocating 32 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/linkedlist.c line 56 ptr 0x7a26ba20 19691231 200000.000 (42856916) (1)> sslsocket_initialize:398 19691231 200000.000 allocating 1808 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/sslsocket.c line 414 ptr 0x7b8fd600 ... 20150514 130126.866 (42856916) (2)< ssl_create_mutex:313 (0) 20150514 130126.866 (42856916) (2)> ssl_create_mutex:307 ... 20150514 130126.867 (42856916) (1)< sslsocket_initialize:438 (1) 20150514 130126.867 allocating 144 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/mqttasync.c line 374 ptr 0x79f75f10 20150514 130126.867 allocating 32 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/mqttasync.c line 386 ptr 0x79f75fb0 20150514 130126.867 allocating 32 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/linkedlist.c line 56 ptr 0x79ec7160 20150514 130126.867 allocating 16 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/linkedlist.c line 93 ptr 0x79e78970 20150514 130126.867 allocating 96 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/mqttasync.c line 391 ptr 0x79ec1840 20150514 130126.867 allocating 32 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/linkedlist.c line 56 ptr 0x79ec1780 20150514 130126.867 allocating 32 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/linkedlist.c line 56 ptr 0x79ed00c0 20150514 130126.867 allocating 32 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/linkedlist.c line 56 ptr 0x79ec9090 20150514 130126.867 allocating 32 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/mqttasync.c line 397 ptr 0x79ec2110 20150514 130126.867 (42856916) (1)> mqttpersistence_create:47 20150514 130126.867 (42856916) (1)< mqttpersistence_create:93 (0) 20150514 130126.867 (42856916) (1)> mqttpersistence_initialize:108 20150514 130126.867 (42856916) (1)< mqttpersistence_initialize:116 (0) 20150514 130126.867 (42856916) (1)> mqttasync_restorecommands:666 20150514 130126.867 0 commands restored client 32c94ab93d29fda895b02f6 20150514 130126.867 (42856916) (1)< mqttasync_restorecommands:698 (0) 20150514 130126.867 (42856916) (1)> mqttasync_restoremessagequeue:1872 20150514 130126.867 0 queued messages restored client 32c94ab93d29fda895b02f6 20150514 130126.867 (42856916) (1)< mqttasync_restoremessagequeue:1903 (0) 20150514 130126.867 allocating 16 bytes in heap @ file /users/asm/workspace/client/client_ios/iosmqtt/iosmqtt/mqttcclient/linkedlist.c line 93 ptr 0x79e7cef0 20150514 130126.867 (42856916) (0)< mqttasync_create:416 (0) 2015-05-14 13:01:26.867 smartbanking[2616:607] d] c client created 20150514 130126.867 (42856916) (0)> mqttasync_setcallbacks:1658 20150514 130126.867 (42856916) (0)< mqttasync_setcallbacks:1672 (0) 2015-05-14 13:01:26.868 smartbanking[2616:607] d] calling c client make connection 20150514 130126.867 (42856916) (0)> mqttasync_connect:1990 20150514 130126.867 (42856916) (0)< mqttasync_connect:2177 (-8) e] c client connect failed connection error: errorcode=8 errormessage=unable connect d] <<messagingclient::connectwithoptions
server side:
- ibm messagesight v1.1.0
- server certificate: 2048bits self-signed.
- security enabled , endpoint up.
- user , pass enabled.
side notes:
- if use browser can view certificate, means can connect server.
- works if use eclipse paho java, validating server certificate same truststore (which contains self-signed ca).
i appreciate if has make ssl connection mqtt ios using library can point me right direction.
regards,
i suspect problem cipherspec/ssl version using. java default cipherspec may supported messagesight 1.1, default ios cipherspec may not be.
you should try setting specific cipherspec in supported list.
Comments
Post a Comment