MQTT - SSL Connection to test.mosquitto.org:8883 [message #1772436] |
Sat, 09 September 2017 18:49 |
Tom Becnel Messages: 1 Registered: September 2017 |
Junior Member |
|
|
I have downloaded mosquitto CLI on OS X and am playing around with client functionality. I can successfully subscribe to a topic at mosquitto.test.org on port 1883 from my computer using the command:
mosquitto_sub -h test.mosquitto.org -t tom-test
and publish with:
mosquitto_pub -h test.mosquitto.org -t tom-test -m "test message"
However, I cannot connect using a secure connection on port 8883. I have downloaded the Certificate Authority file 'mosquitto.org.crt' from test.mosquitto.org and have it in the same directory I am issuing the command from, and am attempting to create a connection using the following command:
mosquitto_sub -h test.mosquitto.org -p 8883 -t tom-test --cafile mosquitto.org.crt
The error message I receive is simply: Unable to connect (A TLS error occurred.).
I was under the impression that the CA file is the only file I need on the client side to establish connection on 8883. I have been unable to find topics or other forums addressing my issue (perhaps it's too simple to actually address?). As you can probably tell, I'm quite new to learning about SSL/TLS.
I have also tried creating a client.key and client.crt by signing with mosquitto.org.crt through openssl and including them in the command with the --cert and --key flags, but receive the same error message.
I have viewed the retrieved CA file from test.mosquitto.org using
openssl x509 -in mosquitto.org.crt -text -noout
and it appears to be valid between June 2012 and June 2022.
My goal is to create a secure SSL/TLS connection from my computer (client) to a server. It does not have to be test.mosquitto.org and I do not have to use mosquitto's CLI tools, but I would very much like to learn how to establish a connection. I have scoured the web and have found countless information on SSL/TLS, certs, CAs, signing, etc., and am learning a lot, but have been totally unsuccessful in actually establishing a connection. Any answers, explanations, or help on the subject in general would be greatly appreciated.
|
|
|
|
|
|
|
|
|
|
Powered by
FUDForum. Page generated in 0.04233 seconds