Hi all, I am using a custom board with STM32F7. I can connect to a local Mosquitto server with certificate and username/password enabled; however, when I try to connect with HiveMQ using the generated certificate, it is rejecting my connection with error code 5 (MQTT_CONNECT_REFUSED_NOT_AUTHORIZED_). I read on a forum that the reason it is rejecting the connection is that I am connecting with HiveMQ's IP address (obtained using DNS) and not connecting directly with the HiveMQ domain name (1ff096ae7f524a0f978cabaca991e8ca.s1.eu.hivemq.cloud). If this is the case, can I regenerate the HiveMQ certificate with the IP address, or is there a way I can use the domain name directly to connect using the MQTT LWIP library?
Hi @cleonb32! Thanks for being here. The HiveMQ Community is always open to new users and your curiosity is very welcome.
The issue is not that you are resolving the domain name to an IP address yourself. The problem is that your device is likely not supporting TLS-SNI (Server Name Indication). HiveMQ Cloud requires a TLS-SNI capable client to establish a connection.
You can find more details in our documentation: https://hivemq.atlassian.net/wiki/spaces/HCSP/pages/2693857294
Best,
Dasha from The HiveMQ Team
Thank you for your speedy reply. So, is it possible to connect to HiveMQ with a system running LWIP? In my case, I am using an STM32F7
Hello @cleonb32,
Thank you for the follow-up!
We would first recommend utilizing the documentation attached from @Daria_H above to confirm that you do indeed have TLS-SNI enabled. This will allow you to ensure that the device is compatible with the TLS mechanisms utilized by HiveMQ Cloud.
If this is the case, and TLS-SNI is properly enabled, the next step would be to confirm if you are able to connect using just the Server certificate, available here, using one-way TLS. If successful, you can then use a custom certificate for client-based certificate authentication (mTLS) using our guide here: Enhance Your IoT Security with Client Certificate Authentication on HiveMQ Cloud Starter
Let us know if you have any additional questions - we are always happy to help!
Best,
Aaron from the HiveMQ Team
Thank you for the help. I confirm that the issue was with TLS_SNI.
In the altcp_mbedtls_setup function, after mbedtls_ssl_init(&state->ssl_context); I added mbedtls_ssl_set_hostname(&state->ssl_context, "1ff096ae7f524a0f978cabaca991e8ca.s1.eu.hivemq.cloud"); for testing and it works. It is silly because I have to modify the 3rd party library for it to work.
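To confirm from the wire whether a device sends SNI at all, as the thread above discusses, the following added example (not code from the thread, lwIP, mbedTLS or HiveMQ) parses a captured TLS ClientHello record and reports the server_name extension. The function names, the `broker.example` host and the sample record are constructed for illustration, and the parser assumes the whole ClientHello sits in one TLS record.

```c
#include <stdint.h>
#include <string.h>

static size_t rd16(const uint8_t *p) { return ((size_t)p[0] << 8) | p[1]; }

/* Returns 1 and copies the host name to out if the ClientHello record in b
 * carries a server_name (SNI) extension, 0 if it has none, -1 if malformed. */
int client_hello_sni(const uint8_t *b, size_t n, char *out, size_t outsz)
{
    size_t i = 43, end;   /* skip record(5) + handshake(4) + version(2) + random(32) */
    if (n < 44 || b[0] != 0x16 || b[5] != 0x01) return -1;
    i += 1 + (size_t)b[i];                        /* session_id */
    if (i + 2 > n) return -1;
    i += 2 + rd16(b + i);                         /* cipher_suites */
    if (i + 1 > n) return -1;
    i += 1 + (size_t)b[i];                        /* compression_methods */
    if (i == n) return 0;                         /* no extensions block at all */
    if (i + 2 > n) return -1;
    end = i + 2 + rd16(b + i);
    if (end > n) return -1;
    for (i += 2; i + 4 <= end; ) {
        size_t type = rd16(b + i), len = rd16(b + i + 2), nlen;
        i += 4;
        if (i + len > end) return -1;
        if (type != 0) { i += len; continue; }    /* not server_name, skip it */
        if (len < 5 || b[i + 2] != 0) return -1;  /* list_len(2) name_type(1) name_len(2) */
        nlen = rd16(b + i + 3);
        if (5 + nlen > len || nlen + 1 > outsz) return -1;
        memcpy(out, b + i + 5, nlen);
        out[nlen] = '\0';
        return 1;
    }
    return 0;
}

/* Constructed sample input: a minimal ClientHello, with SNI when host != NULL.
 * buf must hold 61 + strlen(host) bytes; host must be shorter than 200 chars. */
size_t sample_hello(uint8_t *buf, const char *host)
{
    static const uint8_t head[61] = { 0x16, 3, 1, 0, 0, 0x01, 0, 0, 0, 3, 3,
        [44] = 0x00, 0x02, 0xc0, 0x2f, 0x01, 0x00 };  /* 52..60: zeroed SNI header */
    size_t h = host ? strlen(host) : 0, ext = host ? 9 + h : 0;
    memcpy(buf, head, sizeof head);
    buf[4] = (uint8_t)(47 + ext);                 /* record length */
    buf[8] = (uint8_t)(43 + ext);                 /* handshake length */
    buf[51] = (uint8_t)ext;                       /* extensions length */
    if (host) {
        buf[55] = (uint8_t)(5 + h); buf[57] = (uint8_t)(3 + h); buf[60] = (uint8_t)h;
        memcpy(buf + 61, host, h);
    }
    return 52 + ext;
}
```

Feed `client_hello_sni` the first record the device sends after the TCP handshake (for example, exported from a packet capture); a return of 0 means the client is not sending SNI.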