Mosquitto SSL config error
I tried to configure SSL for mostquitto following these steps .
When I restart mosquitto the error occurs:
1435120150: mosquitto version 1.4.2 (build date Mon, 18 May 2015 15:25:19 +0100) starting
1435120150: Config loaded from /etc/mosquitto/mosquitto.conf.
1435120150: Opening ipv4 listen socket on port 8883.
1435120150: Error: Unable to create TLS context.
This is my mosquito config:
pid_file /var/run/mosquitto.pid
persistence true
persistence_location /var/lib/mosquitto/
log_dest file /var/log/mosquitto/mosquitto.log
include_dir /etc/mosquitto/conf.d
bind_address Dell
port 8883
cafile /etc/mosquitto/ca_certificates/ca.crt
certfile /etc/mosquitto/certs/Dell.crt
keyfile /etc/mosquitto/certs/Dell.key
tls_version tlsv1
How do I set it up correctly?
Unable to create TLS context
suggests that the call SSL_CTX_new()
failed. This is correct at the beginning of configuring the SSL settings for a listening socket, and very unexpected.
The only thing you can do to influence this is check your openssl version and change / remove the parameter tls_version
. Removal is the best choice unless you have a very specific reason to disallow TLSv1.1 or TLSv1.2 (or TLSv1.3 in the future).
Please check the client system time and ssl certificate end date, client system time must be between the start and end time of the ssl certificate
Check customer system date:
date
Check expiration date of openssl certificate:
openssl x509 -enddate -noout -in cacert.pem
Another solution ... for [another] specific reason.
For the error "Error: Configuring TLS Parameters", one specific reason was recorded as follows:
- in the mosquitto config file, the config parameter lines with the certificate, key and CA names contained a space character after each filename and before the end of line character.
- removing the space before the end-of-line character caused the error to not appear again.
- then broker mosquitto started without error.