#!/bin/bash
# Script de prueba para conexiones MQTT SSL/TLS
# Domain: iot.lambicall.com

echo "=========================================="
echo "EMQX SSL/TLS Connection Test"
echo "Domain: iot.lambicall.com"
echo "=========================================="
echo ""

# Test 1: Check certificate
echo "1. Verificando certificado SSL..."
echo "   Conectando a iot.lambicall.com:8883..."
timeout 3 openssl s_client -connect iot.lambicall.com:8883 -showcerts 2>&1 | grep -E "(CN=|verify return|NotBefore|NotAfter)" | head -10
if [ $? -eq 0 ]; then
    echo "   ✓ Certificado SSL válido"
else
    echo "   ✗ Error verificando certificado"
fi
echo ""

# Test 2: MQTT SSL connection
echo "2. Probando conexión MQTT sobre SSL (puerto 8883)..."
timeout 3 mosquitto_pub -h iot.lambicall.com -p 8883 -t "test/ssl" -m "Test message" --capath /etc/ssl/certs/ 2>&1
if [ $? -eq 0 ]; then
    echo "   ✓ Conexión MQTT SSL exitosa"
else
    echo "   ✗ Error en conexión MQTT SSL"
fi
echo ""

# Test 3: Regular MQTT connection
echo "3. Probando conexión MQTT regular (puerto 1883)..."
timeout 3 mosquitto_pub -h iot.lambicall.com -p 1883 -t "test/topic" -m "Test message" 2>&1
if [ $? -eq 0 ]; then
    echo "   ✓ Conexión MQTT regular exitosa"
else
    echo "   ✗ Error en conexión MQTT regular"
fi
echo ""

# Test 4: Check listeners
echo "4. Verificando listeners de EMQX..."
emqx ctl listeners | grep -E "(ssl|wss):" | head -4
echo ""

# Test 5: Certificate expiration
echo "5. Información del certificado SSL:"
echo "   Dominio: iot.lambicall.com"
openssl s_client -connect iot.lambicall.com:8883 -showcerts 2>&1 | grep -E "(NotBefore|NotAfter)" | sed 's/^/   /'
echo ""

echo "=========================================="
echo "Tests completados"
echo "=========================================="