-
Notifications
You must be signed in to change notification settings - Fork 766
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for MQTT SSL #140
Conversation
Awesome! Thank you. I will look into it soon. |
password: Keyword.get(auth, :password), | ||
server: | ||
{Tortoise.Transport.SSL, | ||
host: Keyword.get(auth, :host), port: 8883, verify: :verify_none}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think one would expect security be default i.e. certificates should be verified when MQTT_SSL
is enabled.
Do you use a self-signed certificate? Or could we add a CA store with the :cacertfile
option?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, I use a self-signed certificate, hence the verify_none option. But a CA store option would work as well.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Gotcha! Then let's add a CA store and make:verify_none
optional e.g. with another env var? I'll try to integrate https://github.com/ericmj/castore.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Perfect! Looking forward to test.
Thanks!
Make sure to check the box to allow commits from me on your PRs in the future. I'll add the CA store after merging. Thanks! |
I have a linux container install for TeslaMate and I also have a separate MQTT broker which uses SSL connection.
I have added an ENV var MQTT_SSL as true/false to specify if MQTT connection is using SSL or not.
Please feel free to make the proper corrections as this is my first attempt at Elixir.
Best regards,
Mihai