Hi,
Hoping that this is the right forum to ask questions for
MQTT test brokers, I am unable to connect to port 8081. As
described at
test.mosquitto.org, "Port 8081
has a Lets Encrypt
certificate, so you should use your system CA certificates or
the appropriate
Lets Encrypt CA certificate for verification." If I try to
connect without passing any option for CA (as mentioned in the
documentation for
test.mosquitto.org), the
connection keeps failing without any information. If I provide
a directory with the certificates (root and intermediate) as
available here (
https://letsencrypt.org/certificates/),
I get an error as 'unable to get issuer certificate'.
While the experiments were run on Mac, I would like to know
if it is fair to assume that /etc/ssl/certs will have Let's
Encrypt CA on most platforms. Specifically, can I rely on this
certificate to be available on GCR Distroless
https://github.com/GoogleContainerTools/distroless
? I did use a multi-stage build to copy /etc/ssl/certs from
base image - but, same error as in Experiment 2 below.
Therefore, if I do have to supply certificates externally,
which certificates do I download?
Experiment 1 - No CA specified
Result:
Client disconnected.
Reconnecting
Experiment 2 - CA from Let's Encrypt used
Result:
Error: unable to get issuer certificate
Client disconnected.
Reconnecting
Thanks and regards,
Nagesh