Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[mosquitto-dev] tlsv1 alert unknown ca

Hi,

I have mosquitto 1.4.10 configured to use my server certificates issued 
by rapidsslonline.com‎:

cafile /tmp/mcca.crt
certfile /tmp/myserver.crt
keyfile /tmp/myserver.key

The broker listens on 8080.

I tried to use openssl to verify that TLS connection is OK:

# openssl s_client -connect myserver.com:8080 -CAfile /tmp/ca.crt

It connects fine, and in mosquitto log I can see "New connection from 
xxx.xxx.xxx.xxx on port 8080".


But mosquitto_sub won't work:

# mosquitto_sub -d -v -h myserver.com -p 8080 --tls-version tlsv1.2 
--cafile /tmp/ca.crt  -i mysub -t mytopic -q 2
Unable to connect (A TLS error occurred.).

And in mosquitto log I see:

mosquitto[2543]: OpenSSL Error: error:14094418:SSL 
routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
mosquitto[2543]: OpenSSL Error: error:140940E5:SSL 
routines:SSL3_READ_BYTES:ssl handshake failure
mosquitto[2543]: Socket error on client <unknown>, disconnecting.


The size of ca.crt is 1550 bytes.

Any idea?


Thanks
Khitai

Back to the top