New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to use TLS in CLI tools with system default CAs #1824
Milestone
Comments
You can use |
Also, the path is different on all platforms. |
ralight
added a commit
that referenced
this issue
Dec 1, 2020
- Add `MOSQ_OPT_TLS_USE_OS_CERTS` option, to instruct the client to load and trust OS provided CA certificates for use with TLS connections. - All clients now load OS provided CA certificates if used with `-L mqtts:https://...`, or if port is set to 8883 and no other CA certificates are used. Closes #1824. - Add the `--tls-use-os-certs` option to all clients. Closes #1824. Thanks to Jens Reimann.
This is now done in |
fAuernigg
pushed a commit
to fAuernigg/mosquitto
that referenced
this issue
Jan 4, 2021
- Add `MOSQ_OPT_TLS_USE_OS_CERTS` option, to instruct the client to load and trust OS provided CA certificates for use with TLS connections. - All clients now load OS provided CA certificates if used with `-L mqtts:https://...`, or if port is set to 8883 and no other CA certificates are used. Closes eclipse#1824. - Add the `--tls-use-os-certs` option to all clients. Closes eclipse#1824. Thanks to Jens Reimann.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Using a simple command line like:
I would expect that the command line client tries to establish a connection using TLS, using the system wide CAs. Like
curl
, "HTTPie", …However,
mosquitto_pub
silently uses non-TLS, which (in the best case) would simply fail:The text was updated successfully, but these errors were encountered: