Hello!
I am trying to connect to a mosquitto broker using a self signed ca certificate. I have verified that the client certificate does work in both the mosquitto client and MQTT Explorer.
As far as I understand, the only thing I need to do is to enter the name of the client certificate in the conf9.json file. My configuration looks like this:
"mqtt": {
"enable": true,
"server": "[obfuscated]",
"ssl_ca_cert": "mqtt_ca_cert.pem",
}
The broker has the following configurations:
listener 8883
cafile /etc/mosquitto/ca_certificates/ca.crt
keyfile /etc/mosquitto/certs/server.key
certfile /etc/mosquitto/certs/server.crt
tls_version tlsv1.2
When the device tries to connect to the broker, the following is printed to the log:
mgos_mqtt_conn.c:435 MQTT0 connecting to [obfuscated]:8883
mongoose.c:4906 0x3ffd294c ciphersuite: TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
mongoose.c:4906 0x3ffd294c x509_verify_cert returned -9984
mongoose.c:4906 0x3ffd294c The certificate is not correctly signed by the trusted CA
mongoose.c:5082 0x3ffd294c mbedTLS error: -0x2700
mgos_mqtt_conn.c:188 MQTT0 TCP connect error (-3)
mgos_mqtt_conn.c:214 MQTT0 Disconnect
Even though the client certificate works in MQTT Explorer and the mosquitto client, Mongoose os does not seem to think it is correctly signed. Why does this happen? Am I doing something wrong?