I'm trying to set up a broker to allow clients who authenticate either by tls-psk OR by username/password. I've configured psk_file, psk_hint, and password_file and I've added different users to the psk file and password_file.
Clients using psk work fine, but clients using username and password don't. Here is how I'm connecting with the client that fails:
$ mosquitto_sub -p 8883 -u admin -P password -t '2.1/LOC/+/+/MGR'
Here is the error log I see in the broker:
1486070537: Client connection from ::1 failed: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol.
Is there something else I need to configure to get this to work?
For some background as to WHY I need to do this: I have external clients who only use tls-psk to connect which I have no control over. I also need to write my own client, preferably in Go (https://github.com/eclipse/paho.mqtt.golang). The problem is that the Go libraries don't seem to support tls-psk (and either does the Python library), which is why I need support for normal username/password. If there is another way I could authenticate using my client I would be open to that as well.
Thanks for any help you can give!