Packard_Goose
SSL with Tortoise lib not working
I’m trying to create a secure connection to an MQTT broker using Tortoise however I receive an error {:error, {:options, {:cert, '/Users/packardgoose/Desktop/host.cert'}}} I’m not sure what I’m doing wrong, should the certificate be a .pem file? I should be able to use a directory for this argument according to some documentation I read.
Here’s the code
@cert '/Users/packardgoose/Desktop/host.cert'
@key '/Users/packardgoose/Desktop/host.key'
{:ok, _pid} = Tortoise.Supervisor.start_child(
client_id: "my_id",
handler: {Tortoise.Handler.Logger, []},
server:
{Tortoise.Transport.SSL,
[host: 'getahos.io',
port: 8885,
cacertfile: :certifi.cacertfile(),
key: @key,
cert: @cert
]},
keep_alive: 300000,
user_name: Keyword.fetch!(state_tokens, :mqtt_token),
password: Keyword.fetch!(state_tokens, :mqtt_token_pass))
Marked As Solved
voltone
You can either pass in paths to PEM files using the certfile and keyfile options, or DER encoded binary values using the cert and key options.
Also Liked
voltone
I’d have to have a look at the error message you’re getting. But if I had to venture a guess, the server might have a wildcard certificate, which is unfortunately not handled very well by Erlang/OTP.
If that is indeed the case, then you have two options:
-
If you’re on OTP 21, add
customize_hostname_check: [match_fun: :public_key.pkix_verify_hostname_match_fun(:https)]to the SSL options -
If you’re on an older version, you could use the
ssl_verify_funpackage to handle the hostname verification
Popular in Questions
Other popular topics
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #code-sync
- #javascript
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #advent-of-code
- #elixirconf-us
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #performance








