| [paho-dev] MQTTClient_SSLOptions scenarios - Paho C Client |
Hi, Just a general question on the 3 different MQTTClient_SSLOptions scenarios which are explained on the paho C client page: “Server authentication: The client needs the digital certificate of the server. It is included in a store containting trusted material (also known as "trust store"). Mutual authentication: Both client and server are authenticated during the SSL handshake. In addition to the digital certificate of the server in a trust store, the client will need its own digital certificate and the private key used to sign its digital certificate stored in a "key store". Anonymous connection: Both client and server do not get authenticated and no credentials are needed to establish an SSL connection. Note that this scenario is not fully secure since it is subject to man-in-the-middle attacks.” My application is now successfully supporting MQTT over TLS (thanks to this mailing list). My question is how do I test each scenario which is stated above? Am I right in saying: For server authentication: the trustStore parameter is set and enableServerCertAuth is true. The client Keystore and PrivateKey are not set? For Mutual authentication: the trustStore, Keystore, PrivateKey and PrivateKeyPassword parameters are set. The enableServerCertAuth is true. For Anonymous connection: the trustStore, Keystore, PrivateKey and PrivateKeyPassword parameters are not set. The enableServerCertAuth is false. Sorry for the long winded question I just want to fully understand exactly what I am setting for configuration purposes. Thank you. Best Regards, Adam |