mosquitto-users team mailing list archive

Thread
Date

Re: SSL3_GET_SERVER_CERTIFICATE error with mosquitto_pub

To: ನಾಗೇಶ್ ಸುಬ್ರಹ್ಮಣ್ಯ (Nagesh S) <nageshblore@xxxxxxxxx>
From: Roger Light <roger@xxxxxxxxxx>
Date: Wed, 9 Oct 2013 21:27:03 +0100
Cc: "mosquitto-users@xxxxxxxxxxxxxxxxxxx" <mosquitto-users@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <CAK6GkD26bu+8kqcFkMkOvXTfVfgqF=wodSZpPPVL9jJXYy7r7w@mail.gmail.com>
Sender: rogerlight@xxxxxxxxx

Hi,

The problem is most likely that your server certificate doesn't match
the hostname of your server (hence the "certificate verify failed"
message).

I presume that a.mqtt.broker isn't the proper hostname, but it should
match the CN or a subjectAltName in the certificate.

> s_client -host a.mqtt.broker ...

>  0 s:/C=AB/ST=AB/L=FooBar Land/O=FooBar Ltd/OU=FooBar Security/CN=mqttBroker

So this case, assuming you don't have subjectAltName entries in the
server your server hostname would have to be mqttBroker.

Cheers,

Roger

Follow ups

Re: SSL3_GET_SERVER_CERTIFICATE error with mosquitto_pub
From: Nagesh S, 2013-10-10

References

SSL3_GET_SERVER_CERTIFICATE error with mosquitto_pub
From: Nagesh S, 2013-10-09