
mosquitto openssl error: ssl3_get_record:wrong version number


When I use mosquitto to establish a TLS connection with my client program on a router, it doesn't work.

Here is the error log:

[21028.515924]~DLT~14068~INFO     ~FIFO /tmp/dlt cannot be opened. Retrying later...
1635324116: mosquitto version 1.6.9 starting
1635324116: Config loaded from /etc/mosquitto/mosquitto.conf.
1635324116: Opening ipv4 listen socket on port 8883.
1635324116: Opening ipv6 listen socket on port 8883.
1635324132: New connection from 192.168.8.1 on port 8883.
1635324132: OpenSSL Error[0]: error:1408F10B:SSL routines:ssl3_get_record:wrong version number
1635324132: Socket error on client <unknown>, disconnecting.

Here is my mosquitto.conf:

port 8883
cafile /mnt/d/Files/Desktop/Project/cert/ca/ca.crt
certfile /mnt/d/Files/Desktop/Project/cert/broker/broker.crt
keyfile /mnt/d/Files/Desktop/Project/cert/broker/broker.key
require_certificate true
tls_version tlsv1.2

Here is my client SSL code:

ssl_opts.trustStore = "/mnt/d/Files/Desktop/Project/cert/ca/ca.crt";
ssl_opts.keyStore = "/mnt/d/Files/Desktop/Project/cert/client/client.crt";
ssl_opts.privateKey = "/mnt/d/Files/Desktop/Project/cert/client/client.key";
ssl_opts.enableServerCertAuth = 1;
ssl_opts.verify = 1;
ssl_opts.sslVersion = MQTT_SSL_VERSION_TLS_1_2;

Here is more specific code of my client: publisher.h publisher.c agent.c


Solution

  • From the docs:

    An optional array of null-terminated strings specifying the servers to which the client will connect. Each string takes the form protocol://host:port. protocol must be tcp or ssl. For host, you can specify either an IP address or a host name. For instance, to connect to a server running on the local machines with the default MQTT port, specify tcp://localhost:1883. If this list is empty (the default), the server URI specified on MQTTClient_create() is used.

    Make sure your URL starts with ssl:// not just an IP address and port.
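
The broker error fits a client that sent plaintext MQTT to the TLS listener on port 8883. The following C sketch is an added example, not code from the question, the answer, or the Paho project: it checks the URI scheme before connecting and shows why the first bytes of a cleartext CONNECT do not parse as a TLS record. The function names, the host `broker.example`, and the byte samples are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Scheme check using the two protocols named in the quoted docs.
 * Returns 1 for ssl://, 0 for tcp://, -1 otherwise (e.g. bare host:port). */
int uri_scheme_is_tls(const char *uri)
{
    if (uri == NULL) return -1;
    if (strncmp(uri, "ssl://", 6) == 0) return 1;
    if (strncmp(uri, "tcp://", 6) == 0) return 0;
    return -1;
}

/* Hypothetical pre-connect guard: an unrecognised scheme is rejected, and
 * when SSL options were filled in, only an ssl:// URI passes. Returns 1 if OK. */
int tls_config_consistent(const char *uri, int ssl_opts_set)
{
    int tls = uri_scheme_is_tls(uri);
    if (tls < 0) return 0;
    return ssl_opts_set ? tls == 1 : 1;
}

/* A TLS record header starts with a content type (20..23) followed by
 * major version 0x03. A cleartext MQTT CONNECT starts 0x10 <length>, so
 * the byte read as the version is wrong. Returns 1 if buf looks like TLS. */
int looks_like_tls_record(const unsigned char *buf, size_t n)
{
    if (buf == NULL || n < 3) return 0;
    return buf[0] >= 20 && buf[0] <= 23 && buf[1] == 0x03;
}

/* Constructed first bytes of a cleartext MQTT 3.1.1 CONNECT (not a capture). */
const unsigned char SAMPLE_MQTT_CONNECT[] =
    { 0x10, 0x10, 0x00, 0x04, 'M', 'Q', 'T', 'T', 0x04, 0x02 };
/* Constructed TLS handshake record header, as a ClientHello would begin. */
const unsigned char SAMPLE_TLS_HELLO[] = { 0x16, 0x03, 0x01, 0x02, 0x00 };

int main(void)
{
    printf("tcp:// with SSL opts ok? %d\n", tls_config_consistent("tcp://broker.example:8883", 1));
    printf("ssl:// with SSL opts ok? %d\n", tls_config_consistent("ssl://broker.example:8883", 1));
    printf("cleartext CONNECT is TLS? %d\n", looks_like_tls_record(SAMPLE_MQTT_CONNECT, sizeof SAMPLE_MQTT_CONNECT));
    return 0;
}
```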