Skip to content

Instantly share code, notes, and snippets.

Last active February 26, 2024 10:13
Show Gist options
  • Save gmag11/c565a18d361a46993039f8a515e67614 to your computer and use it in GitHub Desktop.
Save gmag11/c565a18d361a46993039f8a515e67614 to your computer and use it in GitHub Desktop.
Secure MQTT connection to broker with ESP32 and internal IDF mqtt client library
#include "Arduino.h"
#include <WiFi.h>
#include "esp_log.h"
#include "esp_system.h"
#include "esp_event.h"
#include "mqtt_client.h"
#define SECURE_MQTT // Comment this line if you are not using MQTT over SSL
#include "esp_tls.h"
// Let's Encrypt CA certificate. Change with the one you need
static const unsigned char DSTroot_CA[] PROGMEM = R"EOF(
#endif // SECURE_MQTT
esp_mqtt_client_config_t mqtt_cfg;
esp_mqtt_client_handle_t client;
const char* WIFI_SSID = "Your_SSID";
const char* WIFI_PASSWD = "Your_password";
const char* MQTT_HOST = "Your_broker_address";
const uint32_t MQTT_PORT = 8883;
const uint32_t MQTT_PORT = 1883;
#endif // SECURE_MQTT
const char* MQTT_USER = "Username_in_broker";
const char* MQTT_PASSWD = "password";
static esp_err_t mqtt_event_handler (esp_mqtt_event_handle_t event) {
if (event->event_id == MQTT_EVENT_CONNECTED) {
ESP_LOGI ("TEST", "MQTT msgid= %d event: %d. MQTT_EVENT_CONNECTED", event->msg_id, event->event_id);
esp_mqtt_client_subscribe (client, "test/hello", 0);
esp_mqtt_client_publish (client, "test/status", "1", 1, 0, false);
else if (event->event_id == MQTT_EVENT_DISCONNECTED) {
ESP_LOGI ("TEST", "MQTT event: %d. MQTT_EVENT_DISCONNECTED", event->event_id);
//esp_mqtt_client_reconnect (event->client); //not needed if autoconnect is enabled
} else if (event->event_id == MQTT_EVENT_SUBSCRIBED) {
ESP_LOGI ("TEST", "MQTT msgid= %d event: %d. MQTT_EVENT_SUBSCRIBED", event->msg_id, event->event_id);
} else if (event->event_id == MQTT_EVENT_UNSUBSCRIBED) {
ESP_LOGI ("TEST", "MQTT msgid= %d event: %d. MQTT_EVENT_UNSUBSCRIBED", event->msg_id, event->event_id);
} else if (event->event_id == MQTT_EVENT_PUBLISHED) {
ESP_LOGI ("TEST", "MQTT event: %d. MQTT_EVENT_PUBLISHED", event->event_id);
} else if (event->event_id == MQTT_EVENT_DATA) {
ESP_LOGI ("TEST", "MQTT msgid= %d event: %d. MQTT_EVENT_DATA", event->msg_id, event->event_id);
ESP_LOGI ("TEST", "Topic length %d. Data length %d", event->topic_len, event->data_len);
ESP_LOGI ("TEST","Incoming data: %.*s %.*s\n", event->topic_len, event->topic, event->data_len, event->data);
} else if (event->event_id == MQTT_EVENT_BEFORE_CONNECT) {
ESP_LOGI ("TEST", "MQTT event: %d. MQTT_EVENT_BEFORE_CONNECT", event->event_id);
return ESP_OK;
void setup () { = MQTT_HOST;
mqtt_cfg.port = MQTT_PORT;
mqtt_cfg.username = MQTT_USER;
mqtt_cfg.password = MQTT_PASSWD;
mqtt_cfg.keepalive = 15;
mqtt_cfg.transport = MQTT_TRANSPORT_OVER_SSL;
mqtt_cfg.transport = MQTT_TRANSPORT_OVER_TCP;
#endif // SECURE_MQTT
mqtt_cfg.event_handle = mqtt_event_handler;
mqtt_cfg.lwt_topic = "test/status";
mqtt_cfg.lwt_msg = "0";
mqtt_cfg.lwt_msg_len = 1;
Serial.begin (115200);
WiFi.mode (WIFI_MODE_STA);
while (!WiFi.isConnected ()) {
Serial.print ('.');
delay (100);
Serial.println ();
esp_err_t err = esp_tls_set_global_ca_store (DSTroot_CA, sizeof (DSTroot_CA));
ESP_LOGI ("TEST","CA store set. Error = %d %s", err, esp_err_to_name(err));
#endif // SECURE_MQTT
client = esp_mqtt_client_init (&mqtt_cfg);
//esp_mqtt_client_register_event (client, ESP_EVENT_ANY_ID, mqtt_event_handler, client); // not implemented in current Arduino core
err = esp_mqtt_client_start (client);
ESP_LOGI ("TEST", "Client connect. Error = %d %s", err, esp_err_to_name (err));
void loop () {
esp_mqtt_client_publish (client, "test/bye", "data", 4, 0, false);
delay (2000);
Copy link

poky commented Apr 3, 2021

Hi, I just copy-pasted this into a new blank sketch and it doesn't compile for me. It looks like there is meant to be a return value for the mqtt_event_handler but there is not one there.

Documents/Arduino/esp32test/esp32test.ino: In function 'esp_err_t mqtt_event_handler(esp_mqtt_event_handle_t)':
esp32test:76:1: error: no return statement in function returning non-void [-Werror=return-type]

Any ideas where I should start looking? I am guessing it is working for others so it must be something on my system. (MacOS, Arduino 1.8.10)

Or you could add

return ESP_OK;

in the end of that statement

Copy link

gmag11 commented Apr 5, 2021

Hi, I just copy-pasted this into a new blank sketch and it doesn't compile for me. It looks like there is meant to be a return value for the mqtt_event_handler but there is not one there.

Documents/Arduino/esp32test/esp32test.ino: In function 'esp_err_t mqtt_event_handler(esp_mqtt_event_handle_t)':
esp32test:76:1: error: no return statement in function returning non-void [-Werror=return-type]

Any ideas where I should start looking? I am guessing it is working for others so it must be something on my system. (MacOS, Arduino 1.8.10)

Hi. You are right. There is a missing return statement there. I'll add it soon. Meanwhile as @poky suggest here you may add return ESP_OK; at the end of that function.

Copy link

gjt211 commented Apr 5, 2021

Thanks poky and gmag11, The return statement did fix the problem.
Great work, and thanks for providing this. Highly appreciated.

Copy link

poky commented Apr 6, 2021

Thanks poky and gmag11, The return statement did fix the problem.
Great work, and thanks for providing this. Highly appreciated.

Glad it works for you!

Just a friendly reminder, that you should not put any "hard work" especially IO tasks in this block or function call from it.

} else  if (event->event_id == MQTT_EVENT_DATA) {
		ESP_LOGI ("TEST", "MQTT msgid= %d event: %d. MQTT_EVENT_DATA", event->msg_id, event->event_id);
		ESP_LOGI ("TEST", "Topic length %d. Data length %d", event->topic_len, event->data_len);
		ESP_LOGI ("TEST","Incoming data: %.*s %.*s\n", event->topic_len, event->topic, event->data_len, event->data);


I was having a headache try to debug the random crash issue when too many data received at once, the best way to handle it is to put a flag, and that the outer function catches it to do the rest of work.

Copy link

Hi, as a novice could you please explain where I can find the esp_log.h, esp_system.h etc files.

Also can this code publish with QoS 2?


Copy link

I was having a headache try to debug the random crash issue when too many data received at once, the best way to handle it is to put a flag, and that the outer function catches it to do the rest of work.

@poky I'm facing the same issues and don't know how to solve it. Can you provide a sample how to deal with your recommended flaged incoming MQTT_EVENT_DATA and outer functions?


Copy link

poky commented Nov 21, 2022

I was having a headache try to debug the random crash issue when too many data received at once, the best way to handle it is to put a flag, and that the outer function catches it to do the rest of work.

@poky I'm facing the same issues and don't know how to solve it. Can you provide a sample how to deal with your recommended flaged incoming MQTT_EVENT_DATA and outer functions?


Add a function something like this...

void example_task()
// Some codes
flag = false;

add example_task() to the loop function to run.
Once the MQTT_EVENT_DATA event arrived, just make flag = true, so the function will run outside of the event handler.

Copy link

pprakash commented Jan 8, 2023

Hi, I tried to compile and run this on Platform IO. Compile was successful but was getting below error while running on ESP32-WROOM-32.
Any help on resolving this?

E (327) esp-tls-mbedtls: No server verification option set in esp_tls_cfg_t structure. Check esp_tls API reference E (328) esp-tls-mbedtls: Failed to set client configurations, returned [0x8017] (ESP_ERR_MBEDTLS_SSL_SETUP_FAILED) E (337) esp-tls: create_ssl_handle failed E (341) esp-tls: Failed to open new connection E (345) TRANSPORT_BASE: Failed to open a new connection E (352) MQTT_CLIENT: Error transport connect

Build Enviornment:
Visual Studio Code with Platform IO
PLATFORM: Espressif 32 (5.2.0)

  • framework-arduinoespressif32 @ 3.20005.220925 (2.0.5)
  • tool-esptoolpy @ 1.40201.0 (4.2.1)

Copy link

gmag11 commented Jan 8, 2023

Maybe something has changed in IDF. I'll test it

Copy link

pprakash commented Jan 10, 2023

It works with Espresif 32 ( 3.2.1) core of Platform IO.

Copy link

gmag11 commented Jan 21, 2023

Hi, I tried to compile and run this on Platform IO. Compile was successful but was getting below error while running on ESP32-WROOM-32. Any help on resolving this?

E (327) esp-tls-mbedtls: No server verification option set in esp_tls_cfg_t structure. Check esp_tls API reference E (328) esp-tls-mbedtls: Failed to set client configurations, returned [0x8017] (ESP_ERR_MBEDTLS_SSL_SETUP_FAILED) E (337) esp-tls: create_ssl_handle failed E (341) esp-tls: Failed to open new connection E (345) TRANSPORT_BASE: Failed to open a new connection E (352) MQTT_CLIENT: Error transport connect

Build Enviornment: Visual Studio Code with Platform IO PLATFORM: Espressif 32 (5.2.0)

  • framework-arduinoespressif32 @ 3.20005.220925 (2.0.5)
  • tool-esptoolpy @ 1.40201.0 (4.2.1)

I've compiled on latest Platformio ESP32 (6.0.0) and it compiles fine.



Copy link

Try adding the following:

mqtt_cfg.use_global_ca_store = true;

Copy link

mqtt_cfg.use_global_ca_store = true;

Required in arduino IDE 2.2 if you want TLS to work..

Copy link

JNRAY commented Nov 18, 2023

Could you tel me how do you generate the certificat ?

Copy link

Hello @gmag11, I have tested the code in esp32 Arduino platform and successfully published test messages to the given topic - test/bye. But I couldn't get any messages in the subscribed topic - test/hello. Couldn't find what is the issue. Please guide,

Copy link

gmag11 commented Nov 29, 2023

Hello, Could you tel me how do you generate the certificat ?

You can use OpenSSL utility. For instance

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment