Client certificate authentication not working #86

Open
numericOverflow opened this issue Dec 25, 2020 · 4 comments

@numericOverflow

I'm on a (rooted) Samsung Note10+ running Android 10, trying to connect to a personal mosquitto broker I'm running. Authentication is via certificates only, and that works fine using the same certificates on my Windows machine via MQTT-Explorer (v0.3.5). Given that, I don't think the issue is with the certs themselves.

I've copied the 3 certs (CA/Cert/Key) over from my Linux-based PKI, but it appears as though they are not being used when connecting to my mosquitto broker. I get the error shown below in my mosquitto logs saying "peer did not return a certificate".

I can provide more detail if you need it, just let me know how I can help.

I'm running MQTTClient version 4.5.1

2020-12-25_16:49:41: New connection from 192.168.1.1:40940 on port 8883.
2020-12-25_16:49:41: OpenSSL Error[0]: error:1417C0C7:SSL routines:tls_process_client_certificate:peer did not return a certificate
2020-12-25_16:49:41: Bad socket read/write on client <unknown>, disconnecting.


@numericOverflow
Author

FYI - I also tried with a PKCS12 file container of the certificates, and I get the same error from mosquitto: "tls_process_client_certificate:peer did not return a certificate"

@andreapx

andreapx commented Jul 24, 2021

I've got a problem too with the SSL connection.
On the server log I see:
OpenSSL Error[0]: error:14035416:SSL routines:ACCEPT_SR_CERT:sslv3 alert certificate unknown
OpenSSL Error[1]: error:140350E5:SSL routines:ACCEPT_SR_CERT:ssl handshake failure
Client <unknown> disconnected: Protocol error.

The certificate is working on a Linux client.
@numericOverflow did you manage to solve this problem?

@numericOverflow
Author

@andreapx - I never did get it working. I messed around with it for quite a while but could never get it to work correctly. The project I needed it for hit some other issues and stalled, so I kind of abandoned this issue.

Just curiously, what broker are you using?

@andreapx

andreapx commented Jul 24, 2021

> Just curiously, what broker are you using?

I'm using Mosquitto and I don't have any problem using it with Node-RED.
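
Added example, not part of the original thread and not code from this project: a small triage script that decodes the OpenSSL error codes quoted in the two broker logs above and reports whether each failure was detected by the broker itself or arrived as a TLS alert from the client. It assumes the OpenSSL 1.x packed error layout (8-bit library, 12-bit function, 12-bit reason, with received alerts reported as 1000 plus the alert number); the function names and the sample log constant are hypothetical.

```python
import re

# Constructed sample: the OpenSSL error lines quoted in this thread.
SAMPLE_LOG = """\
2020-12-25_16:49:41: OpenSSL Error[0]: error:1417C0C7:SSL routines:tls_process_client_certificate:peer did not return a certificate
OpenSSL Error[0]: error:14035416:SSL routines:ACCEPT_SR_CERT:sslv3 alert certificate unknown
OpenSSL Error[1]: error:140350E5:SSL routines:ACCEPT_SR_CERT:ssl handshake failure
"""

ERR_RE = re.compile(r"error:([0-9A-Fa-f]{8}):([^:]*):([^:]*):(.*)$")
ALERT_OFFSET = 1000  # OpenSSL reports a received alert as 1000 + alert number
# Subset of TLS alert descriptions (RFC 5246) relevant to certificate problems.
ALERT_NAMES = {40: "handshake_failure", 42: "bad_certificate",
               46: "certificate_unknown", 48: "unknown_ca"}


def decode(line):
    """Decode one OpenSSL 1.x error string; return None if the line has none."""
    m = ERR_RE.search(line)
    if not m:
        return None
    code = int(m.group(1), 16)
    # Assumed OpenSSL 1.x packing: 8-bit library, 12-bit function, 12-bit reason.
    lib, func, reason = code >> 24, (code >> 12) & 0xFFF, code & 0xFFF
    alert = reason - ALERT_OFFSET if reason >= ALERT_OFFSET else None
    origin = ("alert received from peer" if alert is not None
              else "detected locally by broker")
    return {"lib": lib, "func": func, "reason": reason,
            "text": m.group(4).strip(), "origin": origin,
            "alert": alert, "alert_name": ALERT_NAMES.get(alert)}


def triage(log_text):
    """Return decoded entries for every OpenSSL error line in a broker log."""
    return [d for d in map(decode, log_text.splitlines()) if d]


if __name__ == "__main__":
    for d in triage(SAMPLE_LOG):
        extra = (f" (alert {d['alert']} {d['alert_name']})"
                 if d["alert"] is not None else "")
        print(f"{d['text']!r}: reason={d['reason']} -> {d['origin']}{extra}")
```

On the sample, the first log decodes to a broker-side finding that the client's certificate message was empty, while the second decodes to alert 46 sent by the client, so the two reports in the thread are different handshake failures.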
