Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [mosquitto-dev] Mosquitto private key encryption
Hi Roger,

I didn't note that it is possible to insert the password on start. Thanks for the information.
I agree with you that it make no sense to store a password in a configuration file, but why not to provide it through a plugin? Just to avoid the user interaction.

Best regards,
Milan

2016-04-26 11:48 GMT+02:00 Roger Light <roger@xxxxxxxxxx>:
Hi Milan,

You can use encrypted private keys with the broker just fine, you'll
just have to enter the password when you start the broker. I believe
this is the same behaviour as e.g. apache.

I can't help thinking that an option to have the private key password
stored in the config is identical from a security point of view to
having an unencrypted private key.

Cheers,

Roger

On Tue, Apr 26, 2016 at 10:37 AM, Milan Tucic <tucic.milan@xxxxxxxxx> wrote:
> Hi,
>
> I'm wondering why Mosquitto doesn't support an encrypted private key file by
> default? I don't see it as an option for the server SSL/TLS configuration
> and I think it would be fine to have it.
>
> Best regards,
> Milan
>
> _______________________________________________
> mosquitto-dev mailing list
> mosquitto-dev@xxxxxxxxxxx
> To change your delivery options, retrieve your password, or unsubscribe from
> this list, visit
> https://dev.eclipse.org/mailman/listinfo/mosquitto-dev
_______________________________________________
mosquitto-dev mailing list
mosquitto-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/mosquitto-dev

Back to the top