Vernemq ACL for working
105 views
Skip to first unread message
roy
Feb 17, 2022, 1:08:21 PM2/17/22
to vernemq-users
I want to add ACL to control clients access to MQTT topics. My MQTT has SSL auth and each client has cert with format `<UUID>.example.com`. But there is base cert (`base.example.com`) which is also issued by same CA (private) and client doesn't use it during normal functioning. This is used for different purpose in the system and want to block compromised client from using this cert to connect to MQTT, but all other certs should be able to connect to MQTT.
To accomplish this I have added following ACL & successfully able to test it.
```
topic test/test/#
user base.example.com
```
But with above ACL user with cert `base.example.com` can connect and publish/subscribe to MQTT.
is there any better way to achieve this ?
To accomplish this I have added following ACL & successfully able to test it.
```
topic test/test/#
user base.example.com
```
But with above ACL user with cert `base.example.com` can connect and publish/subscribe to MQTT.
is there any better way to achieve this ?
Reply all
Reply to author
Forward
0 new messages