2 posts / 0 new
Last post
ethan.rose
V3 server SSL error on Mosquito with valid SSL cert

Hi there,

I have tested connection to my MQTT server (using a LetsEncrypt certificate) by other means and at that time it appeared to work correctly so unclear why I can't publish to it with the OVMS module. Is it possible that the OVMS module doesn't have the LE roots or is trying to autenticate with a cert when it shouldn't?

My Mosquitto config:

listener 8883
capath /letsencrypt/live/secure.ethanrose.nz/chain.pem
keyfile /letsencrypt/live/secure.ethanrose.nz/privkey.pem
certfile /letsencrypt/live/secure.ethanrose.nz/cert.pem
tls_version tlsv1.2

Logs from my OVMS module

I (1585112) ovms-server-v3: Connection is secure.ethanrose.nz:8883 XXXXXX/ovms topic ovms/ovms/XXXXXX/
I (1585112) ovms-server-v3: Status: Connecting...
E (1585252) mongoose: mg_ssl_if_mbed_err   0x3f858e64 SSL error: -9984
W (1585252) ovms-server-v3: Connection failed
E (1585252) ovms-server-v3: Status: Error: Connection failed
E (1588502) mongoose: mg_ssl_if_mbed_err   0x3f858e64 SSL error: -29312
W (1588502) ovms-server-v3: Connection failed
E (1588502) ovms-server-v3: Status: Error: Connection failed
I (1588512) ovms-server-v3: Status: Disconnected from OVMS Server V3

Logs from my Mosquitto broker:

1598386918: New connection from xxx.xxx.xx.xx on port 8883.
1598386918: OpenSSL Error: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca
1598386918: OpenSSL Error: error:140940E5:SSL routines:ssl3_read_bytes:ssl handshake failure
1598386918: Socket error on client <unknown>, disconnecting.

Can anyone assist? The server is publicly visible so you can test the cert yourself if you'd like.

Regards,

Ethan

ethan.rose
Nevermind, I have resolved

Nevermind, I have resolved myself by following the documentation and using the tls trust commands to load the trust chain. I had to load the fullchain.pem file from my letsencrypt setup.

Log in or register to post comments
randomness