Hi All
I am able to configure secure VerneMQ secure with Auth using files following reference link Auth using files - VerneMQ
Now I would like configure VerneMQ to use SSL/TLS for transport.
Thank you for your help and support
Regards, Bao
Hi All
I am able to configure secure VerneMQ secure with Auth using files following reference link Auth using files - VerneMQ
Now I would like configure VerneMQ to use SSL/TLS for transport.
Thank you for your help and support
Regards, Bao
Hi,
it’d be helpful to me if you let me know where the documentation is incomplete.
In short, what you need to do is to configure a TLS endpoint in the vernemq.conf
file. Example for a TLS listener called default
:
listener.ssl.default = 127.0.0.1:8883
listener.ssl.default.cafile = /etc/ssl/cacerts.pem
listener.ssl.default.certfile = /etc/ssl/cert.pem
listener.ssl.default.keyfile = /etc/ssl/key.pem
You can configure more, of course (like requesting Client certificates, and more TLS details). But above is basically what you need to do: give VerneMQ the needed information to configure a TLS listener. (cert.pem
is the TLS Server certificate, key.pem
is the private key of that certificate, cacerts.pem
is the file with needed Certificate authorities).
Hi @afa
Thank you very much for reply.
I think documentation SSL/TLS from URL MQTT Listeners - VerneMQ is incomplete in explaining steps to generate certificates. I have to alot digging and search from Google to achieve this. For example
This will help developers and DevOps who want to use VerneMQ.
Thank you for your help and support
Regards, Bao
@baoquach thanks for your input. I’ll see that I can add those notes as suggested.
Usually, the question of TLS certificates is out of scope, as use cases have pre-existing requirements and cert infrastructure in place. But your remark about dev/devops is very valid.