Hi Chris,
> mosquitto_sub --cafile /home/myuser/CA/all-ca.crt --key
> /home/myuser/CA/client.key --cert /home/myuser/CA/client.crt -h 10.0.134.44
> -p 8883 -t 'tbbtb' --tls-version tlsv1.2 -d
> Unable to connect (8).
>
>
> Broker side:
>
> 1410848100: New connection from 10.0.1.44 on port 8883.
> 1410848100: OpenSSL Error: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3
> alert certificate unknown
> 1410848100: OpenSSL Error: error:140940E5:SSL routines:SSL3_READ_BYTES:ssl
> handshake failure
> 1410848100: Socket error on client (null), disconnecting.
It looks like the client certificate you are providing isn't
recognised as valid by the broker. Are you sure you have all of the CA
certificates set correctly on the broker as well? You've set
"require_certificate false" but are still sending a client certificate
- is this what you intend?
I presume you're just using it for testing, but if not I should point
out that the files generated by test/ssl/gen.sh are only intended for
the post-compilation tests. They are weak key length and certainly
don't match your details :)
Cheers,
Roger
_______________________________________________
mosquitto-dev mailing list
mosquitto-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/mosquitto-dev