Error SSL/TLS connection in MQTT with mosquitto broker

Maria L.

May 26, 2022, 12:37:56 PM
to MQTT

I am trying to use an SSL/TLS encrypted connection with openssl between a Raspberry and the mosquitto broker. To do so, I have entered the following commands:

openssl genrsa -des3 -out ca.key 2048 
openssl req -new -x509 -days 2000 -key ca.key -out ca.crt 
openssl genrsa -out server.key 2048 
openssl req -new -out server.csr -key server.key 
openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 410

Then I moved the ca_certificates folder to /etc/mosquitto/ca_certificates, and also the server certificate and key into the certs folder.

Now, I try to publish a message such as mosquitto_pub --cafile ca.crt -h localhost -t Valve -m 2, but the following error appears:

Error: Connection refused

What I have in the mosquitto.conf is:

cafile ca.crt
certfile server.crt
keyfile server.key
pid_file /run/mosquitto/mosquitto.pid
persistence true
persistence_location /var/lib/mosquitto/
log_dest file /var/log/mosquitto/mosquitto.log
include_dir /etc/mosquitto/conf.d
port 8883

Do you have any idea where my error is? I think it might be related to the fact that I didn't use the same common name for the CA and the server certificate. If this is the problem, how could I fix it?

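The Common Name question in the post can be checked directly with openssl. The script below is an added example, not part of the original post: it repeats the post's certificate steps non-interactively and checks that server.crt chains to ca.crt, that the CA and server subjects differ, and that the certificate matches the host name given to -h. Assumptions: the subject names and helper function names are constructed, and the CA key is created without the -des3 passphrase so nothing prompts.

```shell
#!/bin/sh
# Added example. Subject names and helper names are constructed for illustration.

# make_pki DIR CA_CN SERVER_CN
# The post's five openssl steps, made non-interactive with -subj.
# Assumption: the CA key is left unencrypted here (the post uses -des3).
make_pki() {
    dir=$1
    openssl genrsa -out "$dir/ca.key" 2048 2>/dev/null
    openssl req -new -x509 -days 2000 -key "$dir/ca.key" -subj "/CN=$2" \
        -out "$dir/ca.crt"
    openssl genrsa -out "$dir/server.key" 2048 2>/dev/null
    openssl req -new -key "$dir/server.key" -subj "/CN=$3" -out "$dir/server.csr"
    openssl x509 -req -in "$dir/server.csr" -CA "$dir/ca.crt" \
        -CAkey "$dir/ca.key" -CAcreateserial -out "$dir/server.crt" \
        -days 410 2>/dev/null
}

# chain_ok DIR: succeeds if server.crt verifies against ca.crt.
chain_ok() {
    openssl verify -CAfile "$1/ca.crt" "$1/server.crt" >/dev/null 2>&1
}

# subjects_differ DIR: succeeds if the CA and server subjects are not identical.
subjects_differ() {
    ca=$(openssl x509 -in "$1/ca.crt" -noout -subject)
    srv=$(openssl x509 -in "$1/server.crt" -noout -subject)
    [ "$ca" != "$srv" ]
}

# host_matches DIR HOST: succeeds if server.crt is valid for HOST,
# i.e. the name the client passes to -h.
host_matches() {
    openssl x509 -in "$1/server.crt" -noout -checkhost "$2" | grep -q "does match"
}

# report DIR HOST: print one line per check.
report() {
    chain_ok "$1" && echo "chain: ok" || echo "chain: FAILED"
    subjects_differ "$1" && echo "subjects: distinct" || echo "subjects: IDENTICAL"
    host_matches "$1" "$2" && echo "host $2: match" || echo "host $2: NO MATCH"
}
```

To check existing files, call report with the directory that holds ca.crt and server.crt and the host name used with -h.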