Hi,
Hoping that this is the right forum to ask questions for MQTT test brokers, I am unable to connect to port 8081. As described at
test.mosquitto.org, "Port 8081 has a Lets Encrypt
certificate, so you should use your system CA certificates or the appropriate
Lets Encrypt CA certificate for verification." If I try to connect without passing any option for CA (as mentioned in the documentation for
test.mosquitto.org), the connection keeps failing without any information. If I provide a directory with the certificates (root and intermediate) as available here (
https://letsencrypt.org/certificates/), I get an error as 'unable to get issuer certificate'.
While the experiments were run on Mac, I would like to know if it is fair to assume that /etc/ssl/certs will have Let's Encrypt CA on most platforms. Specifically, can I rely on this certificate to be available on GCR Distroless
https://github.com/GoogleContainerTools/distroless ? I did use a multi-stage build to copy /etc/ssl/certs from base image - but, same error as in Experiment 2 below.
Therefore, if I do have to supply certificates externally, which certificates do I download?
Experiment 1 - No CA specified
Result:
Client disconnected.
Reconnecting
Experiment 2 - CA from Let's Encrypt used
Result:
Error: unable to get issuer certificate
Client disconnected.
Reconnecting
Thanks and regards,
Nagesh
