From bfca747d4bce38bad84be437cde79194a2b75f99 Mon Sep 17 00:00:00 2001
From: Florian <florian@theengs.io>
Date: Thu, 14 Sep 2023 18:11:46 -0500
Subject: [PATCH] [SYS] Add alpn (#1745)

---
 main/User_config.h | 5 +++++
 main/main.ino      | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/main/User_config.h b/main/User_config.h
index b4b8979fe7..6072ea1a68 100644
--- a/main/User_config.h
+++ b/main/User_config.h
@@ -217,6 +217,11 @@ const char* certificate PROGMEM = R"EOF("
 #    define AWS_IOT false
 #  endif
 
+#  if AWS_IOT
+// Enable the use of ALPN for AWS IoT Core with the port 443
+const char* alpnProtocols[] = {"x-amzn-mqtt-ca", NULL};
+#  endif
+
 //#  define MQTT_HTTPS_FW_UPDATE //uncomment to enable updating via MQTT message.
 
 #  ifdef MQTT_HTTPS_FW_UPDATE
diff --git a/main/main.ino b/main/main.ino
index 87d745bd5e..b76fc787c5 100644
--- a/main/main.ino
+++ b/main/main.ino
@@ -1272,6 +1272,11 @@ void setupTLS(bool self_signed, uint8_t index) {
     Log.notice(F("Using self signed cert index %u" CR), index);
 #    if defined(ESP32)
     sClient->setCACert(certs_array[index].server_cert);
+#      if AWS_IOT
+    if (strcmp(mqtt_port, "443") == 0) {
+      sClient->setAlpnProtocols(alpnProtocols);
+    }
+#      endif
 #      if MQTT_SECURE_SELF_SIGNED_CLIENT
     sClient->setCertificate(certs_array[index].client_cert);
     sClient->setPrivateKey(certs_array[index].client_key);