Android Question MQTT client and TLS1.2

V

VTSinLincoln

Member
Licensed User
Longtime User
Is there any way of enabling TLS1.2 support in the existing jMQTT client library (V1.00)? It only appears to support TLS1.0 which is now deprecated, or about to become so. (While TLS V1.0 is probably sufficient for my needs - I'm not using it for financial transactions, I'd still prefer to use something closer to the bleeding edge).

If I can't make the existing client use TLS1.2, what do I need to do to create a new library from the latest Eclipse Paho project (which does support TLS1.2)? I'm guessing I need to install Eclipse and not just use the Simple Library Compiler?
 
Sort by date Sort by votes
V

VTSinLincoln

Member
Licensed User
Longtime User
The error I get is:
B4X: 
java.net.SocketTimeoutException: SSL handshake timed out

The broker is a custom (C#) one based on a NuGet package MQTTnet. It uses a Let's Encrypt certificate which all works correctly with a test MQTTnet client.

When I got the error with my Android test client, I downloaded the latest source from GitHub and changed the server authentication code from
B4X: 
await sslStream.AuthenticateAsServerAsync(_tlsCertificate, false, SslProtocols.Tls12, false).ConfigureAwait(false);
to
B4X: 
await sslStream.AuthenticateAsServerAsync(_tlsCertificate, false, SslProtocols.Tls, false).ConfigureAwait(false);

My broker then worked with my Android test client.

I've subsequently changed the broker code back TLS1.2 and done some more testing. I've discovered the error only appears with an old Android 4.4 tablet (which as luck would have it was what I was doing my initial testing with ). On newer devices, TLS v1.2 is negotiated quite successfully (so the existing MQTT client *does* support TLS1.2).

Problem identified (not quite solved).

Thanks for the quick response.
 
Upvote 0
V

VTSinLincoln

Member
Licensed User
Longtime User
The custom security provider appears to say it installed, but things don't look good after that (and a TLS1.2 only broker still rejects it):

Provider installed successfully
created
Connecting
GC_CONCURRENT freed 380K, 15% free 6699K/7872K, paused 2ms+2ms, total 9ms
created
WS reader created and started
running
created
WS writer created and started
Status: 101 (Switching Protocols)
opening handshake received
GC_FOR_ALLOC freed 356K, 18% free 7030K/8532K, paused 9ms, total 9ms
connected
onOpen() called, ready to rock.
{"data":[],"etype":"setAutomaticEvents"}
quit
ended
WebSockets Close received (1000 - null)
quit
ended
quit
error: null
-1 received
writer error
java.lang.InterruptedException
at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.reportInterruptAfterWait(AbstractQueuedSynchronizer.java:1992)
at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2026)
at java.util.concurrent.ArrayBlockingQueue.take(ArrayBlockingQueue.java:373)
at anywheresoftware.b4a.remotelogger.Connector$Writer.run(Connector.java:160)
at java.lang.Thread.run(Thread.java:841)
Starting remote logger. Port: 29707
After accept
-1 received
writer error
java.lang.InterruptedException
at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.reportInterruptAfterWait(AbstractQueuedSynchronizer.java:1992)
at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2026)
at java.util.concurrent.ArrayBlockingQueue.take(ArrayBlockingQueue.java:373)
at anywheresoftware.b4a.remotelogger.Connector$Writer.run(Connector.java:160)
at java.lang.Thread.run(Thread.java:841)
Starting remote logger. Port: 29707


I've currenty got the broker accepting TLS V1.0 and V1.2. I think the simplest thing is to limit the app to Android 5 (or 6) and above. Plus maybe root my test device and install something later on it!
 
Upvote 0
You must log in or register to reply here.

Similar Threads

J
  • Question
B4J Question [B4X] jMQTT - TLS with self signed certificates
Replies
6
Views
4K
JDR
J
  • Question
Android Question OKHttp TLS1.2 Android4.0
Replies
5
Views
2K
Erel
  • Article
Android Code Snippet [B4X] MQTT SSL and Self Signed Certificates
Replies
2
Views
9K
Erel
  • Locked
  • Article
Android Tutorial [B4X] MQTT - Connect & Reconnect
Replies
16
Views
21K
amorosik
  • Locked
  • Article
B4J Library [B4X] jMQTT - Official MQTT client
Replies
3
Views
24K
Erel
Menu
Log in
Register
Cookies are required to use this site. You must accept them to continue using the site. Learn more…