Where to download the SSL .crt flie while making SSL Connection in Windows?


#1

Hello Gentlemen,
I am trying to test mymqtthub using mosquitto broker in my Windows machine, It works fine with normal TCP/IP Connection. But when I try to follow the steps shown in manual pages for SSL connection I am getting a message TLS error occured, Only then I figured out that the --capath mentioned is actually a directory in Linux. so where shall I download the .crt file to point to in Windows machine while making the SSL Connectoion


#2

Hello,

See the following article. Even though it applies to MacOS/X is the same problem: mosquitto does not load system certfiicates when connecting to TLS/SSL:


#3

Hello Francis,
I understand that the certificates has to be placed in a temporary folder for proper functioning and openssl to understand, but where do i get the CA certificate and server certificate to initiate the SSL Connection to myqtthub


#4

Did you see solution from mentioned article?

To connect to MyQttHub.com you just need public root certificates from known CAs (Certificate Authorities) to be available to mosquitto using --capath

This happens automatically for Linux stations because OpenSSL (the SSL library used by mosquitto) is configured in a way it loads certificates (usually) from /etc/ssl/certs where all public root CA certificates are made available by the OS distro maintainers.

That is, there is no such “CA certificate and server certificate to initiate the SSL connection to MyQttHub”.

Just regular publicly signed x509 SSL certificate and for that you need your software to have access to public root certificates.