Re: [paho-dev] MQTTClient_SSLOptions scenarios

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [paho-dev] MQTTClient_SSLOptions scenarios - Paho C Client

From: Al S-M <asm@xxxxxxxx>
Date: Fri, 14 Aug 2015 10:11:52 +0100
Delivered-to: paho-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/paho-dev>
List-help: <mailto:paho-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/paho-dev>, <mailto:paho-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/paho-dev>, <mailto:paho-dev-request@eclipse.org?subject=unsubscribe>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.8.0

If you look at test/test3.c in the paho C client source code there aretests there that test all the scenarios you mention which you could useas examples.

http://git.eclipse.org/c/paho/org.eclipse.paho.mqtt.c.git/tree/test/test3.c

Al

On 14/08/15 10:05, Adam Scally wrote:

Hi,

Just a general question on the 3 different MQTTClient_SSLOptions
scenarios which are explained on the paho C client page:

/“//Server authentication: The client needs the digital certificate of
the server. It is included in a store containting trusted material (also
known as "trust store")./

/Mutual authentication: Both client and server are authenticated during
the SSL handshake. In addition to the digital certificate of the server
in a trust store, the client will need its own digital certificate and
the private key used to sign its digital certificate stored in a "key
store"./

/Anonymous connection: Both client and server do not get authenticated
and no credentials are needed to establish an SSL connection. Note that
this scenario is not fully secure since it is subject to
man-in-the-middle attacks.”/

My application is now successfully supporting MQTT over TLS (thanks to
this mailing list). My question is how do I test each scenario which is
stated above?

Am I right in saying:

For server authentication: the trustStore parameter is set and
enableServerCertAuth is true. The client Keystore and PrivateKey are not
set?

For Mutual authentication: the trustStore, Keystore, PrivateKey and
PrivateKeyPassword parameters are set. The enableServerCertAuth is true.

For Anonymous connection: the trustStore, Keystore, PrivateKey and
PrivateKeyPassword parameters are not set. The enableServerCertAuth is
false.

Sorry for the long winded question I just want to fully understand
exactly what I am setting for configuration purposes. Thank you.

Best Regards,

Adam

_______________________________________________
paho-dev mailing list
paho-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/paho-dev

Follow-Ups:
- Re: [paho-dev] MQTTClient_SSLOptions scenarios - Paho C Client
  - From: Adam Scally

References:
- [paho-dev] MQTTClient_SSLOptions scenarios - Paho C Client
  - From: Adam Scally

Prev by Date: [paho-dev] MQTTClient_SSLOptions scenarios - Paho C Client
Next by Date: Re: [paho-dev] MQTTClient_SSLOptions scenarios - Paho C Client
Previous by thread: [paho-dev] MQTTClient_SSLOptions scenarios - Paho C Client
Next by thread: Re: [paho-dev] MQTTClient_SSLOptions scenarios - Paho C Client
Index(es):
- Date
- Thread

Breadcrumbs