ESP32 SSL __lookup return error

I am trying to make ssl connection work but unfortunately without success.

My imports:
import streams
import socket
import timers
import flash
import json
import datetime
import struct
from wireless import wifi
from espressif.esp32net import esp32wifi as wifi_driver
from mqtt import mqtt
import ssl

I have used example from: https://docs.zerynth.com/latest/reference/core/stdlib/docs/ssl/
but it gives me error:
[error] Syntax error [__lookup can’t find SSL_CACERT_DST_ROOT_CA_X3] in […]

which is related exactly to:
cacert = __lookup(SSL_CACERT_DST_ROOT_CA_X3)

My second matter is warning displayed during compilation step.
[warning] This project has configurable options!
[info] Compilation Ok
[warning] Options for module espressif.esp32net.esp32wifi ::
[warning] ZERYNTH_SSL disabled <<<----------- this one exactly
How to enable this option? What is the purpose of ZERYNTH_SSL (related to compilation warning)

After some hours and looking into github zerynth mqtt/ssl and other users examples I have tried
to make SSL connection with hardcoded cacert, clicert, clikey(created with certbot) (at this moment I just want to establish ssl connection, after that I will wonder how to store properly keys).

Device is connected to wifi (for sure it has internet access).

I hard-coded certs in this manner:
clicert = ‘-----BEGIN CERTIFICATE-----\n
contentcontent\n
oneofthelastline=\n
-----END CERTIFICATE-----\n\0’

######## mqtt related
def mqtt_test():
try:
client = mqtt.Client(“WD”,True)
ctx = ssl.create_ssl_context(cacert = cacert, clicert = clicert,pkey=clikey, options = ssl.CERT_NONE|ssl.SERVER_AUTH)
client.set_username_pw(“user666”, “secretxd”)
for retry in range(10):
try:
client.connect(‘hostname.com’,60, 8883, ssl_ctx = ctx)
print(“connected”)
break
except Exception as e:
print(“connecting…”)
print('exc info: ', e)
while True:
sleep(3000)
try:
client.publish(“test”, “test msg”)
except Exception as e:
print("exception client.publish: ", e)
else:
print(“publish ok”)
except Exception as e:
print(e)
######## mqtt related END

Code might be “reformatted” by forum so I add also image for better quality:

Unfortunately ssl.init throws UnsupportedError

exc info: UnsupportedError at line 119 of main.mqtt_test
raised at line 394 of mqtt.mqtt.connect
raised at line 408 of mqtt.mqtt._connect
raised at line 320 of ssl.init

Without passing ssl_ctx I receive IOError (Is it correct? Broker 8883 port is encrypted.)
Without passing ssl_ctx but on port 1883 (for testing purposes I allowed connections on port 1883 not only for localhost) I can publish messages.

How can I make SSL mqtt works? :sob:

And one more error:
when I use client.connect(host=“hostnameexample.com”) it returns AttributeError, why?
(if I would just use string “hostnameexample.com” it would work).

hi @Piranessi
Can you try running the Secure HTTP example, but use this CA Cert instead:
cacert = __lookup(DST_ROOT_CA_X3)
Please let me know the result.

image

Could I receive any help?