paho-mqtt-python publish single with TLS ca_certs from server
Question
I'm trying to connect to "mqtts://broker.emqx.io:8883" using paho mqtt but getting the invalid certificate error.
tls = { 'ca_certs': "certificate.pem", 'insecure': False, 'tls_version': ssl.PROTOCOL_TLS_CLIENT }
publish.single( topic="testtopic\", payload=payload, hostname="broker.emqx.io", auth={}, port=8883, tls=tls, protocol=mqtt.MQTTv311 )
I don't want it to be insecure and want to get the certificate from the server instead of providing a certificate file manually. It would be a great help if someone could guide me in a right direction.
1 answers
solution1
0 2020-10-01 14:40:42
The ca_certs file should not come from the server, it's suppose to contain the certs for the Certificate Authority chain that signed the certificate used by the broker.
So in this case it should hold 1 the certificate chain from:
- Sectigo RSA Domain Validation Secure Server CA
- USERTrust RSA Certification Authority
- AAA Certificate Services
You need to provide the full chain or a file containing all the trusted public CA certs.
1 found with openssl s_client see here
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.