[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [mosquitto-dev] IOT Sandbox server - Secure Websockets?
|
Hi Ian
I use a self-signed cert. Works ok in Firefox (Windows) and Safari (iOS) after the user accepts the security exception.
Ray
> On 16 Jun 2015, at 11:09, Ian Craggs <icraggs@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
>
> Hi Roger,
>
> that would be great. Any port will do. I don't know about the self-signed certificate, whether browsers will accept that out of the box. I guess the easiest way is to try it and see.
>
> Ian
>
>> On 06/15/2015 04:53 PM, Roger Light wrote:
>> Hi Ian,
>>
>> I'll see about getting it supported - but it would be a self signed
>> certificate and couldn't be on port 80 or 443. Is that going to be ok?
>>
>> Cheers,
>>
>> Roger
>>
>>
>> On Mon, Jun 15, 2015 at 4:48 PM, Ian Craggs
>> <icraggs@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
>>> Hi Jan,
>>>
>>> thanks for the info, very helpful. What I'm trying to do is to default the
>>> online Paho web client example to a server which can be connected to.
>>> Ideally the Eclipse IoT sandbox server, for obvious reasons :-).
>>>
>>> Eclipse.org seems to serve up the page as https by default or most of the
>>> time, and then the browsers won't allow a non-secure websocket connection
>>> out. I can get a connection to work by loading the page with http rather
>>> than https but that takes some effort and is not something I want to ask
>>> anyone to do. The sample utility needs to be updated for connection options
>>> and TLS support anyway. We'll do that in due course (when James has time
>>> during or after his stint at Wimbledon).
>>>
>>> Ian
>>>
>>>
>>> On 06/15/2015 03:27 PM, Jan Weitz wrote:
>>>
>>> Hi Ian,
>>>
>>> you might want to try the HiveMQ websocket broker for testing.
>>>
>>> http://www.hivemq.com/demos/websocket-client/
>>>
>>> This worked for us in testing before we setup mosquitto with TLS.
>>>
>>> You might also put a NGINX locally in front of plain websocket mosquitto,
>>> without putting any certs in mosquitto.conf, but keeping them in NGINX.
>>>
>>> ```
>>> location /broker/ {
>>> access_log off;
>>> proxy_pass http://127.0.0.1:40002;
>>> proxy_set_header X-Real-IP $remote_addr;
>>> proxy_set_header Host $host;
>>> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
>>>
>>> proxy_http_version 1.1;
>>> proxy_set_header Upgrade $http_upgrade;
>>> proxy_set_header Connection "upgrade";
>>> }
>>> ```
>>>
>>> Greetings,
>>>
>>> Jan
>>>
>>> On 15 Jun 2015, at 15:35, Ian Craggs <icraggs@xxxxxxxxxxxxxxxxxxxxxxx>
>>> wrote:
>>>
>>> Hi Roger,
>>>
>>> thanks.
>>>
>>> Ian
>>>
>>>
>>> On 06/15/2015 01:22 PM, Roger Light wrote:
>>>
>>> Hi Ian,
>>>
>>> No it doesn't. The websockets interface is provided by
>>> apache+mod_websocket_mosquitto, I don't know if it would be possible
>>> to have it do TLS.
>>>
>>> Cheers,
>>>
>>> Roger
>>>
>>>
>>>
>>> On Mon, Jun 15, 2015 at 12:51 PM, Ian Craggs
>>> <icraggs@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
>>>
>>> Does the Mosquitto sandbox server at iot.eclipse.org have a secure (TLS)
>>> websockets port? Is that port 80 as well?
>>>
>>> Just testing a sample, simple web application for the Paho JavaScript
>>> client: https://www.eclipse.org/paho/clients/js/utility/index.html
>>>
>>> --
>>> Ian Craggs
>>> icraggs@xxxxxxxxxx IBM United Kingdom
>>> Paho Project Lead; Committer on Mosquitto
>>>
>>> _______________________________________________
>>> mosquitto-dev mailing list
>>> mosquitto-dev@xxxxxxxxxxx
>>> To change your delivery options, retrieve your password, or unsubscribe from
>>> this list, visit
>>> https://dev.eclipse.org/mailman/listinfo/mosquitto-dev
>>>
>>> _______________________________________________
>>> mosquitto-dev mailing list
>>> mosquitto-dev@xxxxxxxxxxx
>>> To change your delivery options, retrieve your password, or unsubscribe from
>>> this list, visit
>>> https://dev.eclipse.org/mailman/listinfo/mosquitto-dev
>>>
>>>
>>> --
>>> Ian Craggs
>>> icraggs@xxxxxxxxxx IBM United Kingdom
>>> Paho Project Lead; Committer on Mosquitto
>>>
>>> _______________________________________________
>>> mosquitto-dev mailing list
>>> mosquitto-dev@xxxxxxxxxxx
>>> To change your delivery options, retrieve your password, or unsubscribe from
>>> this list, visit
>>> https://dev.eclipse.org/mailman/listinfo/mosquitto-dev
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> mosquitto-dev mailing list
>>> mosquitto-dev@xxxxxxxxxxx
>>> To change your delivery options, retrieve your password, or unsubscribe from
>>> this list, visit
>>> https://dev.eclipse.org/mailman/listinfo/mosquitto-dev
>>>
>>>
>>> --
>>> Ian Craggs
>>> icraggs@xxxxxxxxxx IBM United Kingdom
>>> Paho Project Lead; Committer on Mosquitto
>>>
>>>
>>> _______________________________________________
>>> mosquitto-dev mailing list
>>> mosquitto-dev@xxxxxxxxxxx
>>> To change your delivery options, retrieve your password, or unsubscribe from
>>> this list, visit
>>> https://dev.eclipse.org/mailman/listinfo/mosquitto-dev
>> _______________________________________________
>> mosquitto-dev mailing list
>> mosquitto-dev@xxxxxxxxxxx
>> To change your delivery options, retrieve your password, or unsubscribe from this list, visit
>> https://dev.eclipse.org/mailman/listinfo/mosquitto-dev
>
> --
> Ian Craggs
> icraggs@xxxxxxxxxx IBM United Kingdom
> Paho Project Lead; Committer on Mosquitto
>
> _______________________________________________
> mosquitto-dev mailing list
> mosquitto-dev@xxxxxxxxxxx
> To change your delivery options, retrieve your password, or unsubscribe from this list, visit
> https://dev.eclipse.org/mailman/listinfo/mosquitto-dev