mosquitto-users team mailing list archive

Thread
Date

Re: SSL: Endlessly Enter PEM pass phrase prompt

To: Steven Luke <stevejluke@xxxxxxxxx>
From: Roger Light <roger@xxxxxxxxxx>
Date: Mon, 12 Aug 2013 14:09:51 +0100
Cc: mosquitto-users <mosquitto-users@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <CAFjkL_+LNXLKqaUG4y9Xt8i30nZhQcXKS7a1gh8NJ9mR458hOw@mail.gmail.com>
Sender: rogerlight@xxxxxxxxx

Hi Steve,

It sounds like the connection is failing at some point and then attempting
to reconnect, which is what is triggering the pass phrase request. The
mosquitto pub/sub utilities only offer keyboard entry of pass phrases. It
would be fairly straightforward to add your own method to obtain the
password though.

There is more to your problem than that though, as you know! I would
suggest starting out using the simplest case - no client authentication
required. If that works then move on to providing a client certificate but
not requiring it and so on. You may also wish to try with the ssl
certificates from the test/ssl/ directory as these are "known good". One
thing to be careful of when generating your certificates is to ensure that
you make each certificate unique. I had a very confusing time in the past
when I made a CA certificate and a server certificate with the exact same
details.

Cheers,

Roger

On Fri, Aug 9, 2013 at 2:13 PM, Steven Luke <stevejluke@xxxxxxxxx> wrote:

> I am trying to get SSL working.  I followed the directions here:
> http://mosquitto.org/man/mosquitto-tls-7.html to generate the
> certificates and what not.
>
> When I try to connect to the server I get the below:
> [image: Inline image 1]
>
> 1) In the first attempt, I typed in the wrong pass phrase, so I get an
> 'Unable to connect' error - this is what I expect.
>
> 2) But the second time I type in the correct pass phrase.  When I do so, I
> get prompted for the pass phrase again and again.  From here on out, it
> does not matter if I type the correct or incorrect phrase, I just keep
> getting prompted until I CTRL-C.
>
> Any idea what might be happening or how I could get around it?
>
> More details:
> I made the certs on Ubuntu, but am deploying the broker on Windows 7 Pro.
>  My clients will be Windows, Android, and iPhone, so for now i am testing
> with the Windows mosquitto_sub client and will move on to others when I can
> run.  I have tried on multiple (Win Vista and Win 7) computers and have
> re-made the certs and keys a half-dozen times and get the same thing
> happening.
>
> Would appreciate any help, thanks.
> Steve
>
>
>
>
>
>
> --
> Mailing list: https://launchpad.net/~mosquitto-users
> Post to     : mosquitto-users@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~mosquitto-users
> More help   : https://help.launchpad.net/ListHelp
>
>

Follow ups

Re: SSL: Endlessly Enter PEM pass phrase prompt
From: Steven Luke, 2013-08-12

References

SSL: Endlessly Enter PEM pass phrase prompt
From: Steven Luke, 2013-08-09