Certificate Chain support missing
Bug #1189444 reported by
Aki Tuomi
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mosquitto |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Our PKI uses industry standard
Root CA
|
|
Intermediate CA
|
|
Actual certificate
but there is no way to configure this intermediate CA for mosquitto. This is usually done using
SSL_CTX_
Steps to reproduce:
1. obtain certificate from some PKI using intermediate CAs
2. configure mosquitto to use
3. run openssl s_client -c server:8883 -CAfile /path/to/root.crt
4. you should get error message about not being able to verify certificate
To post a comment you must log in.
Thanks for the report, I'll have a look at it later.