mosquitto-users team mailing list archive

Thread
Date

mosquitto-users team
Mailing list archive
Message #00442

Advanced certificate verification

To: "'mosquitto-users@xxxxxxxxxxxxxxxxxxx'" <mosquitto-users@xxxxxxxxxxxxxxxxxxx>
From: Remi SALEMBIER <remi.salembier@xxxxxxx>
Date: Fri, 7 Feb 2014 13:35:56 +0000
Accept-language: fr-FR, en-US
Thread-index: Ac8kCCQYBe9+fCDdQ4yUVYkPdn1CwQ==
Thread-topic: Advanced certificate verification

Hi,

Mosquitto broker is currently able to verify certificates based on CRLs. It is not possible to proceed to custom advanced verifications (eg: online controls using OCSP).
In the same way, Mosquitto client only allow to control (or not) the name of the certificate: if the certificate's name matches the hostname of the server then it is considered verified.

Is there any chance that Mosquitto allows to select a custom verify callback called by OpenSSL?

Cheers,
Remi

Follow ups

Re: Advanced certificate verification
From: Roger Light, 2014-02-18