mosquitto-users team mailing list archive
-
mosquitto-users team
-
Mailing list archive
-
Message #00450
Re: Advanced certificate verification
Hi Remi,
Using OCSP isn't currently possible, nor is it possible to define your
own verifications. It seems like would be a good idea though.
mosquitto already uses the openssl callbacks it would be simple enough
to allow your own to be provided.
Cheers,
Roger
On Fri, Feb 7, 2014 at 1:35 PM, Remi SALEMBIER <remi.salembier@xxxxxxx> wrote:
> Hi,
>
>
>
> Mosquitto broker is currently able to verify certificates based on CRLs. It
> is not possible to proceed to custom advanced verifications (eg: online
> controls using OCSP).
>
> In the same way, Mosquitto client only allow to control (or not) the name of
> the certificate: if the certificate’s name matches the hostname of the
> server then it is considered verified.
>
>
>
> Is there any chance that Mosquitto allows to select a custom verify callback
> called by OpenSSL?
>
>
>
> Cheers,
>
> Remi
>
>
> --
> Mailing list: https://launchpad.net/~mosquitto-users
> Post to : mosquitto-users@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~mosquitto-users
> More help : https://help.launchpad.net/ListHelp
>
References