ESP32 Forum

ESP32 Official Forum
https://esp32.com/

Issue with MQTT SSL AT Command Response on ESP8684H2 Firmware

https://esp32.com/viewtopic.php?t=46560

Page 1 of 1

Issue with MQTT SSL AT Command Response on ESP8684H2 Firmware

Posted: Mon Sep 01, 2025 6:44 am
by Shivam_Kachhatiya
Hi,
I am using the ESP8684H2 AT Command firmware for my application. I would like to use MQTT over SSL in my setup, but whenever I send MQTT SSL-related commands through the serial UART, I always receive an ERROR response.

Could you please provide the required menuconfig settings to enable SSL support? Additionally, I would appreciate it if you could share the documentation for MQTT SSL AT Commands.

Download Flash Firmware Link https://docs.espressif.com/projects/esp ... le_it.html


LOG:

AT+GMR
AT version:4.2.0.0-dev(s-8a71d66 - ESP32C2 - Jul 30 2025 07:10:44)
SDK version:v5.4.1-643-g8ad0d3d8f2-dirty
compile time(f57d9667):Aug 21 2025 15:33:30
Bin version:v4.2.0.0-dev(ESP32C2-2MB)

OK

AT+CERTADD

ERROR
AT+SSLx

ERROR
AT+SSLx?

ERROR
AT+SSLx=?

ERROR
AT+CERTADD?

ERROR
AT+CERTADD=?

ERROR

I think this build does not support SSL. Please provide me the steps to enable SSL in menuconfig, or share the latest SSL-supported build link for my ESP32 chip.

Thanks
Shivam K

Re: Issue with MQTT SSL AT Command Response on ESP8684H2 Firmware

Posted: Thu Sep 04, 2025 7:30 am
by esp-at
Hi,
There is no a `AT+CERTADD` command. Please refer to examples:
- ssl client example: https://docs.espressif.com/projects/esp ... connection
- mqtt example: https://docs.espressif.com/projects/esp ... mples.html

Re: Issue with MQTT SSL AT Command Response on ESP8684H2 Firmware

Posted: Mon Sep 08, 2025 10:58 am
by Shivam_Kachhatiya
Hi,
Thank you for your response. I would like to clarify how to use SSL with a root/CA certificate on the ESP32 using AT commands. Could you please provide guidance or an example on how to configure the ESP32 AT firmware to connect to an MQTT broker over SSL using a root certificate for server verification?
Specifically, I want to understand:
How to upload or set the root certificate on the ESP32.
Which AT commands need to be used to enable SSL with server certificate verification.
Any minicontig settings required to enable SSL support in the firmware.
Thank you for your support.
Best regards,

Shivam

Re: Issue with MQTT SSL AT Command Response on ESP8684H2 Firmware

Posted: Wed Sep 10, 2025 2:23 am
by esp-at
You can read/write/erase all the configurations of esp-at via `AT+SYSMFG` command. (includes certificates and keys)
https://docs.espressif.com/projects/esp ... cmd-sysmfg

About the server verification, different command has different parameter. In your MQTT case, you can configure the <scheme> parameter of `AT+MQTTUSERCFG`.

~

Re: Issue with MQTT SSL AT Command Response on ESP8684H2 Firmware

Posted: Sat Sep 13, 2025 7:10 am
by Shivam_Kachhatiya
Hi,

AT+CWJAP="Niks","niks@1989"
WIFI DISCONNECT
WIFI CONNECTED
WIFI GOT IP

OK
AT+SYSMFG=2,"server_cert","server_cert.0",7,1358

OK

>
OK
AT+MQTTUSERCFG=0,3,"ESH01_EACC40B3E412","ESH01_EACC40B3E412","SaskenSilicon@123",0,0,""

OK
AT+CIPSNTPCFG=1,0,"pool.ntp.org","time.nist.gov","in.pool.ntp.org"

OK
+TIME_UPDATED
AT+CIPSNTPTIME?
+CIPSNTPTIME:Sat Sep 13 07:06:40 2025
OK
AT+MQTTCONN=0,"o221126e.ala.us-east-1.emqxsl.com",8883,1
+MQTTDISCONNECTED:0


tried this command, but the connection failed. Can you suggest the steps for MQTT over TLS with a server certificate? I read back the certificate after writing, and it verifies correctly

Thanks
Shivam

Re: Issue with MQTT SSL AT Command Response on ESP8684H2 Firmware

Posted: Sun Sep 28, 2025 8:30 am
by esp-at
server_cert is not the right namespace for MQTT. you should use the following command to update mqtt ca:
AT+SYSMFG=2,"mqtt_ca","mqtt_ca.0",7,1358

Sorry that the document is not clear enough, we should add more description for this part.

Re: Issue with MQTT SSL AT Command Response on ESP8684H2 Firmware

Posted: Fri Oct 03, 2025 7:26 am
by Shivam_Kachhatiya
[2025-10-03_12:53:08:222]AT

[2025-10-03_12:53:08:222]OK
[2025-10-03_12:53:10:661]AT+GMR
[2025-10-03_12:53:10:661]AT version:4.2.0.0-dev(s-8a71d66 - ESP32C2 - Jul 30 2025 07:10:44)
[2025-10-03_12:53:10:691]SDK version:v5.4.1-643-g8ad0d3d8f2-dirty
[2025-10-03_12:53:10:691]compile time(f57d9667):Sep 26 2025 14:55:36
[2025-10-03_12:53:10:691]Bin version:v4.2.0.0-dev(ESP32C2-2MB)

[2025-10-03_12:53:10:691]OK
[2025-10-03_12:53:12:458]AT+CWMODE=1

[2025-10-03_12:53:12:458]OK
[2025-10-03_12:53:14:191]AT+CWJAP="Niks","niks@1989"
[2025-10-03_12:53:14:191]WIFI DISCONNECT
[2025-10-03_12:53:14:300]WIFI CONNECTED
[2025-10-03_12:53:15:348]WIFI GOT IP

[2025-10-03_12:53:15:348]OK
[2025-10-03_12:53:19:707]AT+CIPSNTPCFG=1,0,"pool.ntp.org","time.nist.gov","in.pool.ntp.org"

[2025-10-03_12:53:19:723]OK
[2025-10-03_12:53:20:534]+TIME_UPDATED
[2025-10-03_12:53:23:129]AT+CIPSNTPTIME?
[2025-10-03_12:53:23:129]+CIPSNTPTIME:Fri Oct 3 07:23:23 2025
[2025-10-03_12:53:23:129]OK
[2025-10-03_12:53:26:018]AT+SYSMFG=2,"mqtt_ca","mqtt_ca.0",7,1358

[2025-10-03_12:53:26:034]OK

[2025-10-03_12:53:26:034]>
[2025-10-03_12:53:28:208]OK
[2025-10-03_12:53:38:223]AT+MQTTUSERCFG=0,3,"ESH01_EACC40B3E412","saskenIoT","SaskenSilicon2808",0,0,""

[2025-10-03_12:53:38:223]OK
[2025-10-03_12:53:45:879]AT+MQTTCONN=0,"o221126e.ala.us-east-1.emqxsl.com",8883,1
[2025-10-03_12:53:47:910]+MQTTDISCONNECTED:0
[2025-10-03_12:53:52:910]
[2025-10-03_12:53:52:910]ERROR

Note : Same Certificate and URL is working with cellular NbIOT Protocol

Please let me know any step is missing durring MQTT SSL connection.

Thanks
Shivam

Re: Issue with MQTT SSL AT Command Response on ESP8684H2 Firmware

Posted: Tue Oct 07, 2025 4:37 am
by Shivam_Kachhatiya
Hi,
[2025-10-03_13:04:00:560]AT+CWJAP="Niks","niks@1989"
[2025-10-03_13:04:00:576]WIFI DISCONNECT
[2025-10-03_13:04:00:752]WIFI CONNECTED
[2025-10-03_13:04:01:792]WIFI GOT IP

[2025-10-03_13:04:01:792]OK
[2025-10-03_13:04:02:639]AT+MQTTCLEAN=0

[2025-10-03_13:04:02:639]OK
[2025-10-03_13:04:05:069]AT+SYSMFG=2,"mqtt_ca","mqtt_ca.0",7,1358

[2025-10-03_13:04:05:069]OK

[2025-10-03_13:04:05:069]>
[2025-10-03_13:04:08:272]OK
[2025-10-03_13:04:13:362]AT+CIPSNTPCFG=1,0,"pool.ntp.org","time.nist.gov","in.pool.ntp.org"

[2025-10-03_13:04:13:362]OK
[2025-10-03_13:04:14:820]+TIME_UPDATED
[2025-10-03_13:04:15:703]AT+CIPSNTPTIME?
[2025-10-03_13:04:15:703]+CIPSNTPTIME:Fri Oct 3 07:34:15 2025
[2025-10-03_13:04:15:703]OK
[2025-10-03_13:04:19:197]AT+MQTTUSERCFG=0,4,"ESH01_EACC40B3E412","saskenIoT","SaskenSilicon2808",0,0,""

[2025-10-03_13:04:19:213]OK
[2025-10-03_13:04:24:320]AT+MQTTCONN=0,"o221126e.ala.us-east-1.emqxsl.com",8883,1
[2025-10-03_13:04:27:340]+MQTTCONNECTED:0,4,"o221126e.ala.us-east-1.emqxsl.com","8883","",1

[2025-10-03_13:04:27:340]OK
[2025-10-03_13:06:24:938]AT+MQTTSUB=0,"exa/v1/c2d/ESH01E4153116714D",0

[2025-10-03_13:06:24:938]OK
[2025-10-03_13:06:49:849]AT+MQTTPUBRAW=0,"exa/v1/d2c/ESH01E4153116714D",5,0,0

[2025-10-03_13:06:49:849]OK

[2025-10-03_13:06:49:849]>+MQTTPUB:OK
[2025-10-03_13:07:38:498]AT+MQTTPUBRAW=0,"exa/v1/d2c/ESH01E4153116714D",5,0,0

[2025-10-03_13:07:38:498]OK

[2025-10-03_13:07:38:498]>+MQTTPUB:OK

This process works as described above, but sometimes I notice that the time sync command response is delayed, which causes a connection issue. Is there a command to directly set the time on the module?

Thanks
Shivam K

Re: Issue with MQTT SSL AT Command Response on ESP8684H2 Firmware

Posted: Thu Oct 16, 2025 3:48 am
by esp-at
Yes, you can set module time via AT+SYSTIMESTAMP command:
https://docs.espressif.com/projects/esp ... time-stamp
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/