mosquitto-users team mailing list archive
-
mosquitto-users team
-
Mailing list archive
-
Message #00276
Re: SSL: Endlessly Enter PEM pass phrase prompt
Hi Roger,
That was it: I had been putting all the same information into the data
fields for all the clients I wanted to talk with each other and the broker.
I guess the protocol doesn't like that. I had to vary the Common Name and
the Challenge Passphrase for each key:cert pair I made. After that it all
went well (including using passwords).
Thanks,
Steve
On Mon, Aug 12, 2013 at 9:09 AM, Roger Light <roger@xxxxxxxxxx> wrote:
> Hi Steve,
>
> It sounds like the connection is failing at some point and then attempting
> to reconnect, which is what is triggering the pass phrase request. The
> mosquitto pub/sub utilities only offer keyboard entry of pass phrases. It
> would be fairly straightforward to add your own method to obtain the
> password though.
>
> There is more to your problem than that though, as you know! I would
> suggest starting out using the simplest case - no client authentication
> required. If that works then move on to providing a client certificate but
> not requiring it and so on. You may also wish to try with the ssl
> certificates from the test/ssl/ directory as these are "known good". One
> thing to be careful of when generating your certificates is to ensure that
> you make each certificate unique. I had a very confusing time in the past
> when I made a CA certificate and a server certificate with the exact same
> details.
>
> Cheers,
>
> Roger
>
>
>
> On Fri, Aug 9, 2013 at 2:13 PM, Steven Luke <stevejluke@xxxxxxxxx> wrote:
>
>> I am trying to get SSL working. I followed the directions here:
>> http://mosquitto.org/man/mosquitto-tls-7.html to generate the
>> certificates and what not.
>>
>> When I try to connect to the server I get the below:
>> [image: Inline image 1]
>>
>> 1) In the first attempt, I typed in the wrong pass phrase, so I get an
>> 'Unable to connect' error - this is what I expect.
>>
>> 2) But the second time I type in the correct pass phrase. When I do so,
>> I get prompted for the pass phrase again and again. From here on out, it
>> does not matter if I type the correct or incorrect phrase, I just keep
>> getting prompted until I CTRL-C.
>>
>> Any idea what might be happening or how I could get around it?
>>
>> More details:
>> I made the certs on Ubuntu, but am deploying the broker on Windows 7 Pro.
>> My clients will be Windows, Android, and iPhone, so for now i am testing
>> with the Windows mosquitto_sub client and will move on to others when I can
>> run. I have tried on multiple (Win Vista and Win 7) computers and have
>> re-made the certs and keys a half-dozen times and get the same thing
>> happening.
>>
>> Would appreciate any help, thanks.
>> Steve
>>
>>
>>
>>
>>
>>
>> --
>> Mailing list: https://launchpad.net/~mosquitto-users
>> Post to : mosquitto-users@xxxxxxxxxxxxxxxxxxx
>> Unsubscribe : https://launchpad.net/~mosquitto-users
>> More help : https://help.launchpad.net/ListHelp
>>
>>
>
Follow ups
References