I have Mosquitto 2.0.11 running with Let's Encrypt certificates via certbot under a subdomain, OpenSSL 1.1.1g, in principle according to the installation instructions on DigitalOcean.

mosquitto.conf:

# Logging
log_type all
log_timestamp true
log_timestamp_format %Y-%m-%d_%H:%M:%S
connection_messages true

# Authentication
allow_anonymous false
require_certificate false
password_file /etc/mosquitto/passwd

# Plain MQTT, loopback only
listener 1883 localhost

# MQTT over TLS
listener 8883
certfile /etc/mosquitto/certs/server.pem
cafile /etc/mosquitto/ca_certificates/fullchain1.pem
keyfile /etc/mosquitto/certs/server.key
dhparamfile /etc/mosquitto/dhparam.pem
tls_version tlsv1.2

# MQTT over WebSockets with TLS
listener 8083
protocol websockets
certfile /etc/mosquitto/certs/server.pem
cafile /etc/mosquitto/ca_certificates/fullchain1.pem
keyfile /etc/mosquitto/certs/server.key
tls_version tlsv1.2
dhparamfile /etc/mosquitto/dhparam.pem

A couple of u-blox modems connect to it and send data. All of the modems support the same TLS versions 1.1 and 1.2 and also use the same set of cipher suites.
While SARA-U2 and LARA-G2 modems work flawlessly, SARA-G350-03 cannot connect and Mosquitto throws a strange error in the mosquitto.log:
2021-07-13_12:07:47: Client connection from 18.197.48.88 failed: error:14201044:SSL routines:tls_choose_sigalg:internal error.
I know that the mentioned SARA-G350-03 connects successfully via TLS to Mosquitto 1.4 but not to 1.6 and 2.0.
My questions are:
- might this be a Mosquitto problem, or an OpenSSL problem?
- what does it want to tell me?
- anything else I can try and test to get it running?
[Updated on: Tue, 13 July 2021 12:41]
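
Added example, not part of the original post: a small Python triage script that pulls failed TLS connections out of mosquitto.log lines in the format quoted above and splits the packed OpenSSL error code (here 14201044) into library, function and reason fields. It assumes the OpenSSL 1.1.1 code layout; the lookup tables are a partial subset, and every sample line except the first is constructed.

```python
import re

# OpenSSL 1.1.1 packs an error code as lib (8 bits) | func (12 bits) | reason (12 bits).
# OpenSSL 3.x uses a different layout, so this decoder applies to 1.1.x codes only.
LIBS = {2: "SYS", 4: "RSA", 6: "EVP", 9: "PEM", 11: "X509", 13: "ASN1", 20: "SSL"}
ERR_R_FATAL = 64  # bit set on library-wide fatal reasons
GENERIC = {65: "ERR_R_MALLOC_FAILURE", 66: "ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED",
           67: "ERR_R_PASSED_NULL_PARAMETER", 68: "ERR_R_INTERNAL_ERROR"}

FAILED = re.compile(
    r"^(?P<ts>\S+): Client connection from (?P<ip>\S+) failed: "
    r"error:(?P<code>[0-9A-Fa-f]{8}):(?P<lib_text>[^:]*):(?P<func>[^:]*):"
    r"(?P<reason_text>.*?)\.?$")

def decode(code_hex):
    """Split a packed OpenSSL 1.1.1 error code into its fields."""
    value = int(code_hex, 16)
    reason = value & 0xFFF
    return {
        "lib": LIBS.get((value >> 24) & 0xFF, "unknown"),
        "func_id": (value >> 12) & 0xFFF,
        "reason_id": reason,
        # Reasons 1-99 are shared by all libraries; 100 and up are library specific.
        "generic": reason < 100,
        "fatal": reason < 100 and bool(reason & ERR_R_FATAL),
        "reason_name": GENERIC.get(reason),
    }

def triage(lines):
    """Return one record per failed TLS connection found in the log lines."""
    records = []
    for line in lines:
        m = FAILED.match(line.strip())
        if m:
            records.append({**m.groupdict(), **decode(m["code"])})
    return records

# First line is the one quoted in the post; the other two are constructed.
SAMPLE = [
    "2021-07-13_12:07:47: Client connection from 18.197.48.88 failed: "
    "error:14201044:SSL routines:tls_choose_sigalg:internal error.",
    "2021-07-13_12:08:02: Client connection from 192.0.2.10 failed: "
    "error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher.",
    "2021-07-13_12:08:05: New connection from 192.0.2.11 on port 8883.",
]

if __name__ == "__main__":
    for r in triage(SAMPLE):
        kind = r["reason_name"] or "SSL-specific reason %d" % r["reason_id"]
        print(r["ts"], r["ip"], r["func"], "->", kind)
```

For the line from the post, the reason field decodes to the library-wide ERR_R_INTERNAL_ERROR rather than an SSL-specific reason such as "no shared cipher", which is why the message names only the function tls_choose_sigalg.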