How to make sure client connects with TLS? [message #1832380] |
Thu, 17 September 2020 10:27 |
Aistis Kaikaris Messages: 33 Registered: March 2018 |
Member |
|
|
Hello.
I have a mosquitto broker configured with TLS and i want to make sure the client uses secured connection, however i'm not certain if this forces the clients to use TLS for the communication. Here is my configuration:
persistence true
persistence_location /var/lib/mosquitto/persistence/
per_listener_settings true
autosave_interval 1800
protocol mqtt
###### Cluster level listener ####
listener 1883
require_certificate false
allow_anonymous true
###### ENABLE TLS ######
listener 8883
password_file /etc/mosquitto/mosquitto_password_file
cafile /var/lib/mosquitto/chain.pem
certfile /var/lib/mosquitto/cert.pem
keyfile /var/lib/mosquitto/privkey.pem
require_certificate false
tls_version tlsv1.2
allow_anonymous false
Does the 8883 listener require the client to use it's provided certificate for secure communication, or is it possible that the client could choose to not use the secure connection and establish unsecured connection with only username and password?
|
|
|
Powered by
FUDForum. Page generated in 0.02727 seconds