[英]mosquitto_sub gives certificate verify failed error
I get the following error when I try to subscribe to a topics using by certs:当我尝试使用证书订阅主题时出现以下错误:
Command:命令:
mosquitto_sub -d -v --capath <path_to_file>/xxx.pem --cert <path_to_file>/yyy.pem.crt --key <path_to_file>/zzz.pem.key -h "<my_endpoint>" -p 8883 -t "<my_topic>"
Client (null) sending CONNECT
OpenSSL Error[0]: error:0A000086:SSL routines::certificate verify failed
Error: A TLS error occurred.
I have checked the permission of the certificates and also provided the correct paths, but still not sure why I am hitting this error.我已经检查了证书的权限并提供了正确的路径,但仍然不确定为什么会遇到此错误。
As pointed out in the comments正如评论中指出的
--capath
is used to point to a directory full of CA certificates --capath
用于指向一个全是CA证书的目录--cafile
is used to point to a single certificate file --cafile
用于指向单个证书文件From the man page从手册页
--cafile
Define the path to a file containing PEM encoded CA certificates that are trusted.定义包含受信任的 PEM 编码 CA 证书的文件的路径。 Used to enable SSL communication.用于启用 SSL 通信。
See also --capath另见 --capath
--capath
Define the path to a directory containing PEM encoded CA certificates that are trusted.定义包含受信任的 PEM 编码 CA 证书的目录的路径。 Used to enable SSL communication.用于启用 SSL 通信。
For --capath to work correctly, the certificate files must have ".crt" as the file ending and you must run "openssl rehash " each time you add/remove a certificate.要使 --capath 正常工作,证书文件必须以“.crt”作为文件结尾,并且每次添加/删除证书时都必须运行“openssl rehash”。
See also --cafile另见 --cafile
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.