Error SSL/TLS connection in MQTT with mosquitto broker

39 views
Skip to first unread message

Maria L.

unread,
May 26, 2022, 12:37:56 PMMay 26
to MQTT

I am trying to use a SSL/TLS encryption connection with openssl between a raspberry and the mosquitto broker. To do so, I have entered the following commands:

openssl genrsa -des3 -out ca.key 2048 
openssl req -new -x509 -days 2000 -key ca.key -out ca.crt 
openssl genrsa -out server.key 2048 
openssl req -new -out server.csr -key server.key 
openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 410

Then I have move the ca_certificates folder under /etc/mosquitto/ca_certificates and also the server certificate and key in the certs folder.

Now, I try to publish a message such as mosquitto_pub --cafile ca.crt -h localhost -t Valve -m 2, but the following error appears:

Error: Connection refused

What I have in the mosquitto.conf is:

cafile ca.crt 
certfile server.crt 
keyfile server.key 
 pid_file /run/mosquitto/mosquitto.pid 
 persistence true 
persistence_location /var/lib/mosquitto/ log_dest file /var/log/mosquitto/mosquitto.log include_dir /etc/mosquitto/conf.d port 8883

Do you have any idea of where is my error? I think it might be related to the fact that I didn't use the same common name for the CA and the server certificate. If this is the problems, how could I fix it?

Reply all
Reply to author
Forward
0 new messages