tbr | I've gotten around to setting up TLS on the mqtt test server. It's available on port 1884. Certificate comes from letsencrypt. If your client complains, try setting hostname to cfp.devaamo.fi (that got randomly chosen as the CN, other hosts are SAN) | 15:21 |
---|---|---|
tbr | I'll have to have a look at updating my python client patch to latest paho | 15:22 |
tbr | the current version should do tls too, but doesn't hurt to stay up to date | 15:22 |
kimmoli | tbr: nice | 15:27 |
kimmoli | atleast changing setting from mqtt-irssi worked | 15:36 |
kimmoli | or not | 15:39 |
tbr | no, but I have a patch that I can push | 15:40 |
tbr | and it works | 15:40 |
kimmoli | ok | 15:43 |
tbr | kimmoli: pushed | 15:45 |
kimmoli | tnx | 15:45 |
tbr | np, good that you reminded me that I hadn't pushed this :) | 15:45 |
kimmoli | öh | 15:49 |
kimmoli | mqtt-test gives me now --usage | 15:50 |
kimmoli | of something. maybe my mosquitto is out of date | 15:50 |
tbr | oh, then enlarge the window and see what the first line of output says | 15:58 |
tbr | if it says unknown option, then yes | 15:58 |
tbr | please let me know which version of mosquitto and which distro, so that I can make a note in the README | 15:59 |
kimmoli | --capath is nor recognized as option | 15:59 |
kimmoli | ubuntu 12.04 , seems mosquitto_clients is 0.15 | 16:00 |
tbr | oh, yeah, that's seriously old :/ | 16:00 |
kimmoli | that seems to be newest that is packaged for ubuntu | 16:00 |
* kimmoli goes afk for 30mins | 16:01 | |
tbr | you could rebuild a newer source package https://launchpad.net/mosquitto/+packages | 16:01 |
tbr | beware 1.4 has a dependency on libwebsocket, so you'd need to build that too, but it doesn't pull in more dependencies, at least for me | 16:02 |
kimmoli | ok, now built... Error: A TLS error occurred | 17:07 |
tbr | yaaaay :-/ | 17:23 |
tbr | you can try: openssl s_client -connect 130.83.179.104:1884 | 17:24 |
kimmoli | unable to get local issuer certificate | 17:26 |
kimmoli | lots of alternate names | 17:28 |
tbr | I wonder if your machine doesn't trust letsencrypt or the cross signed authority | 17:41 |
kimmoli | i added lets X1 | 17:44 |
kimmoli | screen -rd | 17:45 |
kimmoli | äh | 17:45 |
kimmoli | Just pasted a lot, see here http://pastebin.com/8mQMVSLK | 17:45 |
kimmoli | well,. reverted to nonTLS for now | 17:52 |
tbr | hmm, hard to say | 17:53 |
tbr | which distro is this? | 17:53 |
tbr | buntu 12.04? | 17:53 |
kimmoli | y | 17:53 |
tbr | k. will check later | 17:53 |
Generated by irclog2html.py 2.17.1 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!