← Back to team overview

mosquitto-users team mailing list archive

Re: SSL3_GET_SERVER_CERTIFICATE error with mosquitto_pub

 

Hi,

The problem is most likely that your server certificate doesn't match
the hostname of your server (hence the "certificate verify failed"
message).

I presume that a.mqtt.broker isn't the proper hostname, but it should
match the CN or a subjectAltName in the certificate.

> s_client -host a.mqtt.broker ...

>  0 s:/C=AB/ST=AB/L=FooBar Land/O=FooBar Ltd/OU=FooBar Security/CN=mqttBroker

So this case, assuming you don't have subjectAltName entries in the
server your server hostname would have to be mqttBroker.

Cheers,

Roger


Follow ups

References