Re: [mosquitto-dev] using ACLs and TLS.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [mosquitto-dev] using ACLs and TLS.

From: Karl Palsson <karlp@xxxxxxxxxxxx>
Date: Thu, 03 May 2018 15:40:50 -0000
Delivered-to: mosquitto-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/mosquitto-dev>
List-help: <mailto:mosquitto-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/mosquitto-dev>, <mailto:mosquitto-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/mosquitto-dev>, <mailto:mosquitto-dev-request@eclipse.org?subject=unsubscribe>
Openpgp: id=9F020B9C40DA5E6F2CAF63B319A8B50FD4D5CAF6; preference=signencrypt
User-agent: Mailpile

Leandro <ingrogger@xxxxxxxxx> wrote:
> Hi guys , Im using ACLs pluging and TLS connection with a great
> result. Now, in order to get a fully operational broker I need
> to accomplish two goals:
> 
> 1st: Declare if possible a read/write topic that bypass the
> acls , so it is available for all users. (So far I declare an
> acl rule per each user to access this special topic).
> 
> 2nd: Create a local user that can connect to tls server without
> using certificate. (I think it is not necessary to use
> encryption for a local monitoring purpose user)

This can often be achieved simply with a second listener, that
binds only to localhost, and simply doesn't enable TLS. CHeers,
Karl P

Attachment: signature.html
Description: OpenPGP Digital Signature

Follow-Ups:
- Re: [mosquitto-dev] using ACLs and TLS.
  - From: Leandro

References:
- [mosquitto-dev] using ACLs and TLS.
  - From: Leandro

Prev by Date: [mosquitto-dev] using ACLs and TLS.
Next by Date: Re: [mosquitto-dev] using ACLs and TLS.
Previous by thread: [mosquitto-dev] using ACLs and TLS.
Next by thread: Re: [mosquitto-dev] using ACLs and TLS.
Index(es):
- Date
- Thread

Breadcrumbs