MQTT-TCP connection guide
This topic describes how to connect to IoT Platform over MQTT-TCP.
Prerequisites
Enable TCP connections:
For instances created after October 2023: Using TCP for device connections poses a significant security risk. By default, TCP connections are disabled for new Enterprise instances.
For instances created before October 2023: For compatibility, TCP connections are enabled by default.
Obtain the C Link SDK. On the SDK Customization page, in the Protocol for Connecting to IoT Platform section, select the MQTT 3.1.1 check box.
Obtain device credentials. Devices use the device certificates issued by IoT Platform for authentication. For more information, see Obtain device credentials.
Background information
(Recommended) Connect devices to IoT Platform over MQTT-TLS to ensure secure data transmission.
(Not recommended) Connect devices to IoT Platform over MQTT-TCP. For some resource-constrained devices, using TLS connections increases resource consumption. These devices can use only TCP connections. However, using TCP connections introduces significant security risks. Features such as dynamic registration, device provisioning, secure tunnels, or remote logon are not supported. You must assume all risks and consequences of using MQTT-TCP connections.
The LinkSDK porting process is not affected by whether TCP connections are enabled. For porting steps, see SDK porting reference.
For over-the-air (OTA) updates on resource-constrained devices, use MQTT-OTA. For instructions, see Example 3: OTA update to download a single file over MQTT.
Procedure
Trim the TLS library
Trim the mbedtls library: In the LinkSDK root directory, run the following command to delete the
external/mbedtlslibrary.rm -rf external/mbedtls/Disable TLS library calls: Open the
core/sysdep/core_adapter.cfile and comment out#define CORE_ADAPTER_MBEDTLS_ENABLED./* * CORE_ADAPTER_MBEDTLS_ENABLED is not a user-facing compile switch. * * In most cases, keep the default setting. * You might disable this macro only to reduce the ROM size of the adapter layer * and you are not connecting to the server over TLS. * * We do not recommend removing the #define CORE_ADAPTER_MBEDTLS_ENABLED line. * IoT Platform accepts TCP connections, but we do not recommend them. * TLS is a more secure communication method. * */ //#define CORE_ADAPTER_MBEDTLS_ENABLED
Application notes
This section uses the basic MQTT connection demo (mqtt_basic_demo.c) as an example. The same modifications can be applied to other demos.
Replace device information
/* TODO: Replace with your own device credentials. */ char *product_key = "${YourProductKey}"; char *device_name = "${YourDeviceName}"; char *device_secret = "${YourDeviceSecret}";Replace endpoint information
char *mqtt_host = "${YourInstanceId}.mqtt.iothub.aliyuncs.com";Use a TCP connection
/* TODO: If the following code is uncommented, the demo connects to Alibaba Cloud IoT Platform over TCP instead of TLS. */ /* { memset(&cred, 0, sizeof(aiot_sysdep_network_cred_t)); cred.option = AIOT_SYSDEP_NETWORK_CRED_NONE; } */
Operational logs
Compile and run
make -j ./output/mqtt-basic-demoEstablish a TCP connection
establish tcp connection with server(host='iot-********.mqtt.iothub.aliyuncs.com', port=[443]) success to establish tcp, fd=5 local port: 54461Establish an MQTT connection
[1695887193.832][LK-0313] MQTT connect success in 137 ms AIOT_MQTTEVT_CONNECT