Re: [paho-dev] MQTTClient_SSLOptions scenarios

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [paho-dev] MQTTClient_SSLOptions scenarios - Paho C Client

From: Adam Scally <ascally@xxxxxxxxxxx>
Date: Fri, 14 Aug 2015 05:14:08 -0500
Accept-language: en-US
Acceptlanguage: en-US
Delivered-to: paho-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/paho-dev>
List-help: <mailto:paho-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/paho-dev>, <mailto:paho-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/paho-dev>, <mailto:paho-dev-request@eclipse.org?subject=unsubscribe>
Thread-index: AdDWcVKVNTkct7flT9OhXfRTTBkC2gACJrNw
Thread-topic: [paho-dev] MQTTClient_SSLOptions scenarios - Paho C Client

Thanks Al

-----Original Message-----
From: paho-dev-bounces@xxxxxxxxxxx [mailto:paho-dev-bounces@xxxxxxxxxxx] On Behalf Of Al S-M
Sent: 14 August 2015 10:12
To: paho-dev@xxxxxxxxxxx
Subject: Re: [paho-dev] MQTTClient_SSLOptions scenarios - Paho C Client

If you look at test/test3.c in the paho C client source code there are tests there that test all the scenarios you mention which you could use as examples.
http://git.eclipse.org/c/paho/org.eclipse.paho.mqtt.c.git/tree/test/test3.c

Al

On 14/08/15 10:05, Adam Scally wrote:
> Hi,
>
> Just a general question on the 3 different MQTTClient_SSLOptions 
> scenarios which are explained on the paho C client page:
>
> /"//Server authentication: The client needs the digital certificate of 
> the server. It is included in a store containting trusted material 
> (also known as "trust store")./
>
> /Mutual authentication: Both client and server are authenticated 
> during the SSL handshake. In addition to the digital certificate of 
> the server in a trust store, the client will need its own digital 
> certificate and the private key used to sign its digital certificate 
> stored in a "key store"./
>
> /Anonymous connection: Both client and server do not get authenticated 
> and no credentials are needed to establish an SSL connection. Note 
> that this scenario is not fully secure since it is subject to 
> man-in-the-middle attacks."/
>
> My application is now successfully supporting MQTT over TLS (thanks to 
> this mailing list). My question is how do I test each scenario which 
> is stated above?
>
> Am I right in saying:
>
> For server authentication: the trustStore parameter is set and 
> enableServerCertAuth is true. The client Keystore and PrivateKey are 
> not set?
>
> For Mutual authentication: the trustStore, Keystore, PrivateKey and 
> PrivateKeyPassword parameters are set. The enableServerCertAuth is true.
>
> For Anonymous connection: the trustStore, Keystore, PrivateKey and 
> PrivateKeyPassword parameters are not set. The enableServerCertAuth is 
> false.
>
> Sorry for the long winded question I just want to fully understand 
> exactly what I am setting for configuration purposes. Thank you.
>
> Best Regards,
>
> Adam
>
>
>
> _______________________________________________
> paho-dev mailing list
> paho-dev@xxxxxxxxxxx
> To change your delivery options, retrieve your password, or 
> unsubscribe from this list, visit 
> https://dev.eclipse.org/mailman/listinfo/paho-dev
>
_______________________________________________
paho-dev mailing list
paho-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/paho-dev

References:
- [paho-dev] MQTTClient_SSLOptions scenarios - Paho C Client
  - From: Adam Scally
- Re: [paho-dev] MQTTClient_SSLOptions scenarios - Paho C Client
  - From: Al S-M

Prev by Date: Re: [paho-dev] MQTTClient_SSLOptions scenarios - Paho C Client
Next by Date: Re: [paho-dev] Submission is not thread safe
Previous by thread: Re: [paho-dev] MQTTClient_SSLOptions scenarios - Paho C Client
Next by thread: Re: [paho-dev] MQTTClient_SSLOptions scenarios - Paho C Client
Index(es):
- Date
- Thread

Breadcrumbs