Support for HTTP proxy with SSL decryption [message #1868850] |
Tue, 23 July 2024 17:24 |
Eclipse User |
|
|
|
We have recently developed a solution using MQTT broker and Eclipse Paho C++ SDK. While it works great incase of direct connection to broker as well as connection via transparent proxy.
But we are encountering issues with many customer setups where they have HTTP proxy with SSL decryption/HTTP inspection enabled. We ensured that client have rootCA of proxy but still connection does not go through.
Client is giving bad MQTT packet error during SSL handshake and terminating the connection.
[2024_05_14_11_46_07] 9128 [MQTTTraceCallback] 20240514 114607.919 Bad MQTT packet, type 3
[2024_05_14_11_46_07] 9128 [MQTTTraceCallback] 20240514 114607.919 (9128) (2)< MQTTPacket_Factory:179 (-1)
[2024_05_14_11_46_07] 9128 [MQTTTraceCallback] 20240514 114607.920 CONNECT sent but MQTTPacket_Factory has returned SOCKET_ERROR
I have attached client errors as well as wireshark logs for reference.
I want to check with group here
1. Is there any recommendation to solve this use case?
2. As we are encountering this with many our customers, can this be use case for SDK enhancement to support it?
Regards,
Rajiv
|
|
|
Powered by
FUDForum. Page generated in 0.03147 seconds