Eclipse Community Forums: Mosquitto » SSL/TLS or Username and Password Authentication

Home » Eclipse Projects » Mosquitto » SSL/TLS or Username and Password Authentication

SSL/TLS or Username and Password Authentication [message #1859702]

Thu, 22 June 2023 17:20

Eclipse User

I have some devices that needs to authenticate with a certificate but does not have a username or password.

Then I have devices that needs to authenticate with a Username and Password but does not have a certificate.

I'm not sure what is the correction configuration to achieve this.

This is my current configuration:

password_file PathToPasswordFile
cafile PathToCAFile
certfile PathToCertFile
keyfile PathToKeyFile
require_certificate false
use_identity_as_username false

Re: SSL/TLS or Username and Password Authentication [message #1859747 is a reply to message #1859702]

Sat, 24 June 2023 12:03

Eclipse User

It seems like the Mosquitto broker does not allow this:

https://github.com/eclipse/mosquitto/issues/1839#issuecomment-707656348

So the next best option will be to run two listeners on the same broker. Each listener having its own authentication configuration. I still need to verify that my message handler can subscribe to messages published from both types of devices. But I guess this should work since it is on the same broker.

Here is my working configuration:

# SSL/TLS with certificate authentication
listener port
use_identity_as_username true
require_certificate true
cafile pathtocafile
certfile pathtocertfile
keyfile pathtokeyfile

# Username and Password authentication
listener port
per_listener_settings true
password_file pathtopasswordfile

[Updated on: Sat, 24 June 2023 12:03] by Moderator

Previous Topic:	QOS 0 question
Next Topic:	no stable connection with client

Goto Forum:

-=] Back to Top [=-

Current Time: Sun Jul 06 03:11:33 EDT 2025

.:: Contact :: Home ::.

Breadcrumbs

Sign up to our Newsletter