[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [mosquitto-dev] session resumption using session ids in mqtt

----- Original Message -----
> From: "$@(#!N" <sachinjoshi4496@xxxxxxxxx>
> To: mosquitto-dev@xxxxxxxxxxx
> Sent: Wednesday, 12 September, 2018 13:47:55
> Subject: [mosquitto-dev] session resumption using session ids in mqtt
>
> Hello,
>
> I have wrote the paho-client programs( 1-publisher ,1-subscriber) using C. And I
> am able to transmit the data through mosquitto broker with TLSv2. Now i want to
> enable session resumption using session ID.
>
> What changes are to be done in my mosquitto broker configuration file and in my
> client C programs...

> Openssl says server needs to generate session ids, which means mosquitto in this
> context. However, mosquitto.conf has no option to setup a cache (storing
> session ids). I have traced the packets through Wireshark , packets are
> encrypted, but every time a new session ticket is sent. I just want to optimize
> the handshake by using session resumption(preferably using session IDs ).
>
> Thank you

Would it work for you if you use Nginx for SSL termination?

https://docs.nginx.com/nginx/admin-guide/security-controls/terminating-ssl-http/

You'd just set up a non-SSL Mosquitto and make a "TCP stream" frontend, where Nginx does the SSL. I use it all the time. It allows many more options (and in my case also prevents bugs in Mosquitto's SSL implementation).

Regards,

Wiebe