Ewon TechForum
Providing technical solutions to technical requests


Issue when creating your own MQTT broker with encryption
simon Offline
eWON Support
#1
Hi Guys,

I have been facing an issue recently that I would like to share with you.

Some customers wanted to host their own MQTT broker like Mosquitto or https://www.bevywise.com/mqtt-broker/help/

For these custom brokers, they obviously also wanted to enable the TLS/SSL encryption.  For this, they generated their own CA and server certificates / keys but it did not work with Flexy, although it was working with MQTTFx (https://mqttfx.jensd.de/)

The issue was that, to make it working with Ewon Flexy, the certificate must contain a "DNS Name" value in the" Subject Alt Names" field of the server certificate.  This DNS Name must match with the URL or IP that the Flexy will really connect. See
.png   servercert.png (Size: 54,15 KB / Downloads: 50)

To generate this server certificate, you can use the manual command of OpenSSL.  Just google it :-)
Personally, I have used this project https://github.com/fcgdam/easy-ca (Be careful it only run under Linux and the OpenSSL version must be up to date. I used 1.0.2s)

Simon
Reply



Possibly Related Threads…
09-03-2020, 02:29 PM
Last Post: simon
06-03-2020, 06:39 PM
Last Post: simon
  Creating Totaliser Within eWON Started by Josh
3 Replies - 1.006 Views
14-02-2020, 06:06 PM
Last Post: simon
24-01-2020, 09:45 PM
Last Post: tedsch
02-12-2019, 11:25 PM
Last Post: simon
27-11-2019, 10:30 PM
Last Post: simon
  PUTFTP Issue Started by thibaud.agnoletto
3 Replies - 500 Views
16-09-2019, 09:28 AM
Last Post: simon
13-08-2019, 04:06 PM
Last Post: gomzy04
  MQTT hangs Started by Tecmafra
1 Replies - 591 Views
26-07-2019, 10:12 AM
Last Post: SivakumarRn
19-07-2019, 06:00 PM
Last Post: simon



Users browsing this thread:
1 Guest(s)



Theme © Ewon 2019 - Forum software by © MyBB - Cookie policy