Skip to content

wbuntu/mosquitto-tls

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

caCert.pem

caCert.pem

 
 

caKey.pem

caKey.pem

 
 

mosquitto

mosquitto

 
 

mosquitto.conf

mosquitto.conf

 
 

passwdfile

passwdfile

 
 

serverCert.pem

serverCert.pem

 
 

serverKey.pem

serverKey.pem

 
 

Repository files navigation

mosquitto-tls

A mosquitto tls configuration guide

Mosquitto version 1.4.14

Self signed caCert and serverCert

For local test

docker run --name mqtt -d -p 1883:1883 wbuntu/mosquitto-tls:1.0.0

access the broker with URL tls://127.0.0.1, port 1883 with caCert.pem

For online test

1.Install strongswan with brew on macOS or apt on Ubuntu

2.Generate a new serverCert.pem with ipsec pki

ipsec pki --pub --in serverKey.pem | ipsec pki --issue --cacert caCert.pem --cakey caKey.pem --dn "C=CH, O=Wbuntu, CN=MQTT" --san="Your server domain name or IP address" --flag serverAuth --outform pem --lifetime 3650 > serverCert.pem

you can add multiple --san value if you wish

For production environment

1.You Must generate all certs by yourself

2.build a new image or mount a folder which contains all necessary files to /etc/mosquitto

Access Mosquitto TLS Configure (Chinese) for more detail.

About

mosquitto tls configure

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published