Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [mosquitto-dev] Mosquitto over SSL refuses publishing message 
<colin.helliwell@xxxxxxxxxxxxxx> writes:

> FWIW, I've had the same problem with Home Assistant - it needs the
> 'fullchain' file that LetsEncrypt generate, not the 'cert'.

It's not really a problem so much as an expected situation.  The nature
of PKIX is that there is a set of normal trust anchors and when you send
a cert from a server you have to send the entire chain except for what's
in the recipient's trust anchor set.   Many CAs have a root and then
intermeidate certificates used to sign end enitty certs.  If those
intermediate ones are sent, via using  the fullchain.pem file, nobody
notices this.

Back to the top