Безопасное соединение не удалось "Chain could not be linked to a trust anchor"

[column]

Я пытался настроить и подключить сервер MQTT через SSL, но это не удалось:
[inline]Attempting MQTT connection...Checking TLS @ 192.168.1.8...

BSSL:_connectSSL: start connection

BSSL:Connected!

Connection secure -> .BSSL:_connectSSL: start connection

BSSL:_wait_for_handshake: failed

BSSL:Couldn't connect. Error = 'Chain could not be linked to a trust anchor.'

failed, rc=-2 try again in 5 seconds[/inline]

Размер стека определен в StackThunk.cpp:
[inline]#define _stackSize (5900/4)
[/inline]

Как исправить эту ошибку?
[inline]
#include <ESP8266WiFi.h>
#include <ESP8266mDNS.h>
#include <PubSubClient.h>
#include <NTPClient.h>
#include <time.h>
const char* cfg_wifi_ssid = "******";
const char* cfg_wifi_pwd = "******";
const char* mqtt_server = "192.168.1.8";
const unsigned int mqtt_port = 8883;
const char* mqtt_user = "a";
const char* mqtt_pass = "a";
const char ca_cert[] PROGMEM = R"EOF(
-----BEGIN CERTIFICATE-----
...

-----END CERTIFICATE-----
)EOF";
WiFiClientSecure espClient;
PubSubClient client(espClient);
void callback(char* topic, byte* payload, unsigned int length);
void verifyFingerprint() ;
char buffer[80];
WiFiUDP ntpUDP;
// By default 'pool.ntp.org' is used with 60 seconds update interval and
// no offset
NTPClient timeClient(ntpUDP);

void setup() {
Serial.begin(9600);
Serial.println("TestMQTT");
WiFi.mode(WIFI_STA);
WiFi.begin(cfg_wifi_ssid, cfg_wifi_pwd);
while (WiFi.status() != WL_CONNECTED) {
delay(500);
Serial.print(".");
}
Serial.println("");
Serial.println("WiFi connected");
Serial.println("IP address: ");
Serial.println(WiFi.localIP());

timeClient.begin();
while(!timeClient.update()){
timeClient.forceUpdate();
}
espClient.setX509Time(timeClient.getEpochTime());
Serial.println(timeClient.getFormattedTime());

client.setServer(mqtt_server, mqtt_port);
client.setCallback(callback);
while (!client.connected()) {

Serial.print("Attempting MQTT connection...");
verifyFingerprint();
// if (client.connect("a", mqtt_user, mqtt_pass)) {
if (client.connect("a", mqtt_user, mqtt_pass)) {
Serial.println("connected");
client.subscribe("sensor");
}else{
Serial.print("failed, rc=");
Serial.print(client.state());
Serial.println(" try again in 5 seconds");
// Wait 5 seconds before retrying
delay(5000);
}
}
}
void callback(char* topic, byte* payload, unsigned int length) {
Serial.print("Message arrived [");
Serial.print(topic);
Serial.print("] ");
char message[length + 1];
for (int i = 0; i < length; i++) {
message = (char)payload;
}
message[length] = '\0';
Serial.println(message);
}
void verifyFingerprint() {
if(client.connected() || espClient.connected()) return;

Serial.print("Checking TLS @ ");
Serial.print(mqtt_server);
Serial.print("...");
Serial.println("");

BearSSL::X509List cert(ca_cert);
espClient.setTrustAnchors(&cert);

if (!espClient.connect(mqtt_server, mqtt_port)) {
Serial.println("Connection failed. Rebooting.");
ESP.restart();
}
if (espClient.verify(ca_cert, mqtt_server)) {
Serial.print("Connection secure -> .");
} else {
Serial.println("Connection insecure! Rebooting.");
ESP.restart();
}
espClient.stop();
delay(100);
}

void loop() {
timeClient.update();
Serial.println(timeClient.getFormattedTime());
client.loop();

delay(1000);
}[/inline]

 

[xeniter]

have had same issue, problem in my case was that the object ca_cert gets deleted after setup():
BearSSL::X509List cert(ca_cert);
espClient.setTrustAnchors(&cert);

see https://arduino-esp8266.readthedocs.io/en/latest/esp8266wifi/bearssl-client-secure-class.html
at point Memory Requirements

try to create object on heap:
BearSSL::X509List *cert = new BearSSL::X509List(ca_cert);
espClient.setTrustAnchors(cert);

yours,
xeniter