Reputation: 19
mosquitto_sub gives certificate verify failed error
I get the following error when I try to subscribe to a topics using by certs:
Command:
mosquitto_sub -d -v --capath <path_to_file>/xxx.pem --cert <path_to_file>/yyy.pem.crt --key <path_to_file>/zzz.pem.key -h "<my_endpoint>" -p 8883 -t "<my_topic>"
Client (null) sending CONNECT
OpenSSL Error[0]: error:0A000086:SSL routines::certificate verify failed
Error: A TLS error occurred.
I have checked the permission of the certificates and also provided the correct paths, but still not sure why I am hitting this error.
Upvotes: 0
Views: 394
Answers (1)
Reputation: 59608
As pointed out in the comments
--capathis used to point to a directory full of CA certificates--cafileis used to point to a single certificate file
From the man page
--cafileDefine the path to a file containing PEM encoded CA certificates that are trusted. Used to enable SSL communication.
See also --capath
--capathDefine the path to a directory containing PEM encoded CA certificates that are trusted. Used to enable SSL communication.
For --capath to work correctly, the certificate files must have ".crt" as the file ending and you must run "openssl rehash " each time you add/remove a certificate.
See also --cafile
Upvotes: 1
Related Questions
- Get Storage Account size using Powershell using AZMetrics often returns 0
- PowerShell to list all Azure VM data disk size confusion
- Azure Data Lake Gen 1 vs Gen 2
- What is the difference between Azure's "Data Lake Storage Gen2" and "Data Lake Gen2"?
- Query blob storage with Get-AzDataLakeGen2ChildItem?
- Differences between Get-AzPolicyState from Powershell and az policy state list form az cli
- Get-AzVM data disk total size with Azure powershell cmdlets
- Powershell: Get-Item vs Get-ChildItem
- Powershell cmdlet differences for the same operation
- Difference b/w New-AzureRmPolicyDefinition and New-AzPolicyDefinition