← Back to team overview

mosquitto-users team mailing list archive

Re: SSL connection from Java client to mosquitto broker: "no certificate returned"

 

Hi Sharon,

> 3) Invoked
> mosquitto_sub -v -p 1883 --cafile etc/ca.crt --cert etc/client.crt --key etc/client.key -t \$SYS/#
> at the prompt, entered PEM passphrase
> got " Error: Protocol error" and server produced
> OpenSSL Error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
>
> This is NOT as expected...

Agreed! Could you please let me know some details of the system you
are running on? Distro version and openssl version would be the best
if you have them.

If you run "make test" in the mosquitto source directory does it
complete successfully? It needs Python 2.7 to run the SSL tests
(Python 2.6 SSL support is poor) and also runs Python client tests
with Python 3.x. If you don't have Python 3.x installed, it will fail
at this point although they are the last set of tests to run.

If the above tests work, could you try re-running your scenario above,
but using the certificate and key files from the test/ssl/ directory?
Use test-ca.crt as the CA certificate, server.crt and server.key for
the server and client.crt and client.key for the mosquitto_sub client.

Cheers,

Roger


Follow ups

References