Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [mosquitto-dev] Certificate authentication

Hi Nidhi,

Yes, is you want TLS support the server must have a certificate and key.

Cheers,

Roger


On 12 Sep 2016 1:18 p.m., "Nidhi Kushwaha" <nidhii.kushwaha@xxxxxxxxx> wrote:
​​
I have configured the mosquitto broker on 8883 with following settings to enable Server and client certificate authentication.

# --------------Config --------------
cafile   my_ca.crt
certfile  my_srv.crt
keyfile  my_srv.key
require_certificate  true

When mqtt client ( mosquitto_pub.exe  /mosquitto_sub.exe ) is connected, PEM passphrase is is asked and subsequently messages are  published and received successfully.


If I change the broker configuration to support just Client authentication and remove server certificate and key,I am getting error - Socket error on client <unknown>, disconnecting.

# --------------Config --------------
cafile     my_ca.crt
require_certificate    true


Does it mean for  Client certificate authentication, cafile information is not sufficient ? And server certificate and key information needs to be included in broker configuration as well ! ?



- Nidhi 

_______________________________________________
mosquitto-dev mailing list
mosquitto-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/mosquitto-dev

Back to the top