Error code 66 with SSL

[stefranco1983]

Hi,
sorry for my trivial question.
I downloaded this library and it seems very interesting.
I need to connect with a server that uses the SSL protocol (hivemq.cloud).
No certificate is currently required on the server.
To log in I only use my username and password.
When I start the program, "Connection accepted" appears but there is error 66.
The software hangs on "Connect to Server.vi".

Could you help me?

PS: Setting url and credentials to an old TCP server (cloudmqtt.com) works fine.

Thanks for the support.

[francois-normandin]

@stefranco1983
Error 66 means that the server is disconnecting the socket (closed by peer), so it`s telling you that there is a problem with one of these:

• Client ID
• Credentials / Certificate
• Connection payload / flags

At first glance, I believe you need to set the hostname to the "server hostname", and you need to provide the client with the server X.509 certificate (provided by hivemq, probably found in your account somewhere).
The hostname is the hostname that was used to sign the certificate, so if it does not match, you will not get to connect.

Using the test server, I get the same error 66 until I add a certificate... but since I don`t have an account, I do not have a valid certificate for this server, and it gets rejected with error -715050: Remote Host Identification has Failed.
That suggests that all you need is to find your server certificate and pass it in with the correct hostname.

If you do not provide a certificate (Ready for SSL = False), then it tries a non-TLS connection. That might work for port 1883, but not port 8883...

This is where the connection happens:

[francois-normandin]

https://community.hivemq.com/t/frequently-asked-questions-hivemq-cloud/514

[stefranco1983]

Thanks for the quick replies!
I did as you suggested.
I put the same address on both "hostname" and "address".
Then I followed the link you gave me (hivemq FAQ) and downloaded the .pem file (certificate).

Now "Ready for SSL" appear and I have sent the first topic!

The first step is done!

I hope not to disturb you during the next steps!

Thank you!

[francois-normandin]

Glad to hear that! May I suggest that you always disconnect and destroy the connection... That will reduce the risk of running out of sockets, memory leaks and other issues of the sort.

…

________________________________ From: stefranco1983 ***@***.***> Sent: Tuesday, June 11, 2024 10:15:10 AM To: LabVIEW-Open-Source/MQTT-Client ***@***.***> Cc: Francois Normandin ***@***.***>; Comment ***@***.***> Subject: Re: [LabVIEW-Open-Source/MQTT-Client] Error code 66 with SSL (Issue #25) Thanks for the quick replies! I did as you suggested. I put the same address on both "hostname" and "address". Then I followed the link you gave me (hivemq FAQ) and downloaded the .pem file (certificate). Now "Ready for SSL" appear and I have sent the first topic! immagine.png (view on web)<https://github.com/LabVIEW-Open-Source/MQTT-Client/assets/172271322/f4915b15-52b1-43ea-b899-28d514d91013> The first step is done! I hope not to disturb you during the next steps! Thank you! — Reply to this email directly, view it on GitHub<#25 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ACZPNJC7AM77YN6S67RF3TDZG4WB5AVCNFSM6AAAAABJEFLTISVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNRRGI2TEMJWGA>. You are receiving this because you commented.Message ID: ***@***.***>

[stefranco1983]

I'll follow your suggestion, thank you!

[Vortexhunter]

Hijacking this since I am having a similar issue, but mine is with AWS IoT. I have a working implementation using Python and PAHO MQTT. I've tried to use the information from your video a few years ago plus what I read in this post and I still get error 66, but this is after the connect step passes with "Connection accepted".

I made a quick "test connection" mod to the VI:

And that always goes all green / no errors.

If I try the MQTT side of it, as I mention before, I get 'Connection accepted' from the MQTT Client Connect to Server VI, but immediately error out with error 66 when it gets to the timeout ping server check

I am using the same credentials/client ID as in my PAHO solution, which has been running w/o issues.

[francois-normandin]

@Vortexhunter

Error 66 means "disconnected by peer", so it is the AWS IoT that closes the socket. It is very likely a protocol violation as described in a post above. (Client ID, Credentials / Certificate, Connection payload / flags?)

I would not be surprised if the Return Code is actually wrong... Unfortunately, I think you are running into a bug where if the CONNACK packet response is blank, the VI returns "Connection Accepted" because it is == 0 by default. But obviously, an error 66 means something went wrong, and if CONNACK was received fine, then the PINGREQ should work after 1000ms.

If you run this VI blank, it will not complain, which is wrong. It should throw an error if the header is empty.

1- Can you probe the inside of the above-mentioned VI, as called by Client Connect method?
If it truly returns a valid CONNACK packet, then...
2- Can you use Wireshark to probe at the response from the AWS IoT service?

[Vortexhunter]

@francois-normandin I will give it a go next time I have time to play with this implementation. Thanks for the quick reply!