table of contents
MOSQUITTO-TLS(7) | Conventions and miscellaneous | MOSQUITTO-TLS(7) |
NAME¶
mosquitto-tls - Configure SSL/TLS support for MosquittoDESCRIPTION¶
mosquitto provides SSL support for encrypted network connections and authentication. This manual describes how to create the files needed.CERTIFICATE AUTHORITY¶
Generate a certificate authority certificate and key.•openssl req -new -x509 -days <duration>
-extensions v3_ca -keyout ca.key -out ca.crt
SERVER¶
Generate a server key.•openssl genrsa -des3 -out server.key 2048
Generate a server key without encryption.
•openssl genrsa -out server.key 2048
Generate a certificate signing request to send to the CA.
•openssl req -out server.csr -key server.key
-new
Send the CSR to the CA, or sign it with your CA key:
•openssl x509 -req -in server.csr -CA ca.crt
-CAkey ca.key -CAcreateserial -out server.crt -days <duration>
CLIENT¶
Generate a client key.•openssl genrsa -des3 -out client.key 2048
Generate a certificate signing request to send to the CA.
•openssl req -out client.csr -key client.key
-new
Send the CSR to the CA, or sign it with your CA key:
•openssl x509 -req -in client.csr -CA ca.crt
-CAkey ca.key -CAcreateserial -out client.crt -days <duration>
SEE ALSO¶
mosquitto(8), mosquitto-conf(5)AUTHOR¶
Roger Light <roger@atchoo.org>08/06/2014 | Mosquitto Project |