Securing arduino to mosquitto connection with TLS

Question

I'm trying to secure the connection between the arduino pubsub client and mosquitto broker (which is running on a public server) over TLS.

Normally(on windows etc), I can publish/subscribe like bellow while giving the certificate files. (certificate and key files are in my working directory).

mosquitto_pub -h myhost.com -p 8883 -t "/test" -m "your secure message" --cafile ca.crt --cert client.crt --key client.key

mosquitto_sub -h myhost.com -p 8883 -t "/test" --cafile ca.crt --cert client.crt --key client.key

But is there a way to do this in arduino?

Answer 1

Your pubsub MQTT client doesn't support SSL/TLS out of the box. You can try integrating with some light weight SSL/TLS libraries.

Few Embedded SSL Libraries:
https://wolfssl.com/wolfSSL/Products-wolfssl.html
http://www.matrixssl.org/

Or you can opt for Paho MQTT Client - a prebuilt Arduino port of MQTTClient. It supports MQTT V3.1.1, SSL/TLS, QOS-2 Support etc., which are not available in pubsub client.