← Back to team overview

mosquitto-users team mailing list archive

Re: SSL: Endlessly Enter PEM pass phrase prompt

 

Hi Steve,

Great, glad you got it working.

Cheers,

Roger




On Mon, Aug 12, 2013 at 9:25 PM, Steven Luke <stevejluke@xxxxxxxxx> wrote:

> Hi Roger,
>
> That was it: I had been putting all the same information into the data
> fields for all the clients I wanted to talk with each other and the broker.
>  I guess the protocol doesn't like that.  I had to vary the Common Name and
> the Challenge Passphrase for each key:cert pair I made.  After that it all
> went well (including using passwords).
>
> Thanks,
> Steve
>
>
> On Mon, Aug 12, 2013 at 9:09 AM, Roger Light <roger@xxxxxxxxxx> wrote:
>
>> Hi Steve,
>>
>> It sounds like the connection is failing at some point and then
>> attempting to reconnect, which is what is triggering the pass phrase
>> request. The mosquitto pub/sub utilities only offer keyboard entry of pass
>> phrases. It would be fairly straightforward to add your own method to
>> obtain the password though.
>>
>> There is more to your problem than that though, as you know! I would
>> suggest starting out using the simplest case - no client authentication
>> required. If that works then move on to providing a client certificate but
>> not requiring it and so on. You may also wish to try with the ssl
>> certificates from the test/ssl/ directory as these are "known good". One
>> thing to be careful of when generating your certificates is to ensure that
>> you make each certificate unique. I had a very confusing time in the past
>> when I made a CA certificate and a server certificate with the exact same
>> details.
>>
>> Cheers,
>>
>> Roger
>>
>>
>>
>> On Fri, Aug 9, 2013 at 2:13 PM, Steven Luke <stevejluke@xxxxxxxxx> wrote:
>>
>>> I am trying to get SSL working.  I followed the directions here:
>>> http://mosquitto.org/man/mosquitto-tls-7.html to generate the
>>> certificates and what not.
>>>
>>> When I try to connect to the server I get the below:
>>> [image: Inline image 1]
>>>
>>> 1) In the first attempt, I typed in the wrong pass phrase, so I get an
>>> 'Unable to connect' error - this is what I expect.
>>>
>>> 2) But the second time I type in the correct pass phrase.  When I do so,
>>> I get prompted for the pass phrase again and again.  From here on out, it
>>> does not matter if I type the correct or incorrect phrase, I just keep
>>> getting prompted until I CTRL-C.
>>>
>>> Any idea what might be happening or how I could get around it?
>>>
>>> More details:
>>> I made the certs on Ubuntu, but am deploying the broker on Windows 7
>>> Pro.  My clients will be Windows, Android, and iPhone, so for now i am
>>> testing with the Windows mosquitto_sub client and will move on to others
>>> when I can run.  I have tried on multiple (Win Vista and Win 7) computers
>>> and have re-made the certs and keys a half-dozen times and get the same
>>> thing happening.
>>>
>>> Would appreciate any help, thanks.
>>> Steve
>>>
>>>
>>>
>>>
>>>
>>>
>>> --
>>> Mailing list: https://launchpad.net/~mosquitto-users
>>> Post to     : mosquitto-users@xxxxxxxxxxxxxxxxxxx
>>> Unsubscribe : https://launchpad.net/~mosquitto-users
>>> More help   : https://help.launchpad.net/ListHelp
>>>
>>>
>>
>
> --
> Mailing list: https://launchpad.net/~mosquitto-users
> Post to     : mosquitto-users@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~mosquitto-users
> More help   : https://help.launchpad.net/ListHelp
>
>

PNG image


Follow ups

References