Where to download the SSL .crt flie while making SSL Connection in Windows?


#1

Hello Gentlemen,
I am trying to test mymqtthub using mosquitto broker in my Windows machine, It works fine with normal TCP/IP Connection. But when I try to follow the steps shown in manual pages for SSL connection I am getting a message TLS error occured, Only then I figured out that the --capath mentioned is actually a directory in Linux. so where shall I download the .crt file to point to in Windows machine while making the SSL Connectoion


#2

Hello,

See the following article. Even though it applies to MacOS/X is the same problem: mosquitto does not load system certfiicates when connecting to TLS/SSL:


#3

Hello Francis,
I understand that the certificates has to be placed in a temporary folder for proper functioning and openssl to understand, but where do i get the CA certificate and server certificate to initiate the SSL Connection to myqtthub


#4

Did you see solution from mentioned article?

To connect to MyQttHub.com you just need public root certificates from known CAs (Certificate Authorities) to be available to mosquitto using --capath

This happens automatically for Linux stations because OpenSSL (the SSL library used by mosquitto) is configured in a way it loads certificates (usually) from /etc/ssl/certs where all public root CA certificates are made available by the OS distro maintainers.

That is, there is no such ā€œCA certificate and server certificate to initiate the SSL connection to MyQttHubā€.

Just regular publicly signed x509 SSL certificate and for that you need your software to have access to public root certificates.