Hi all, I have written the documentation to configure SSL connection in MQTT receiver for wso2 DAS3.1.0. Can anyone please review this [1]?
[1] https://docs.google.com/document/d/1R5yMoazzHg4xzsebjnK5-ugPTShUSclHLv7dWwr-avk/edit#heading=h.diiwwjwm2784 Regards, Kalaiyarasi Ganeshalingam Associate Software Engineer| WSO2 WSO2 Inc : http://wso2.org <http://www.google.com/url?q=http%3A%2F%2Fwso2.org&sa=D&sntz=1&usg=AFQjCNE_eTDfyl2ibPcq0hcXvRDNVuQmMg> Tel:+94 076 6792895 LinkedIn :www.linkedin.com/in/kalaiyarasiganeshalingam Blogs : https://kalaiyarasig.blogspot.com/ <http://kalai4.blogspot.com/> On Tue, Jan 9, 2018 at 2:44 PM, Kalaiyarasi Ganeshalingam < [email protected]> wrote: > Hi all, > > I have tested whether we can create secure mqtt connection with DAS 3.1.0. > > While configuring I got the error [1], then I set up secure transport for > MQTT Mosquito broker with SSL/TSL as in [3]. > > After the above configeration, then I faced the issue [2]. > > So, I have validated the certificate file with requested target > client_truststrore.jks file using the following command keytool -import > -alias server -file [path to .crt] -keystore [path to client-truststore.jks] > > Then I was able to create secure mqtt connection. So we don't need to add > any implementation in mqtt receiver. > > Follow the below steps to create a secure mqtt connection with DAS 3.1.0: > > - set the MQTT Mosquitto broker with SSL/TLS transport security > configured [3]. > - validate the certificate file with requested target client > truststrore.jks file using following command keytool -import -alias server > -file [path to .crt] -keystore [path to client-truststore.jks]. > > > [1] ERROR > {org.wso2.carbon.event.input.adapter.mqtt.internal.util.MQTTAdapterListener} > - MQTT Exception occurred when starting listener > Unable to connect to server (32103) - java.net.ConnectException: > Connection refused (Connection refused) > at org.eclipse.paho.client.mqttv3.internal.TCPNetworkModule. > start(TCPNetworkModule.java:75) > at org.eclipse.paho.client.mqttv3.internal.SSLNetworkModule. > start(SSLNetworkModule.java:77) > at org.eclipse.paho.client.mqttv3.internal.ClientComms$ConnectB > G.run(ClientComms.java:538) > at java.lang.Thread.run(Thread.java:748) > Caused by: java.net.ConnectException: Connection refused (Connection > refused) > at java.net.PlainSocketImpl.socketConnect(Native Method) > at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSock > etImpl.java:350) > at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPl > ainSocketImpl.java:206) > at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocket > Impl.java:188) > at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) > at java.net.Socket.connect(Socket.java:589) > at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:668) > at org.eclipse.paho.client.mqttv3.internal.TCPNetworkModule. > start(TCPNetworkModule.java:66) > > [2] MqttException (0) - javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable > to find valid certification path to requested target > > [3] http://rockingdlabs.dunmire.org/exercises-experiments/ > ssl-client-certs-to-secure-mqtt > > Regards, > Kalaiyarasi Ganeshalingam > Associate Software Engineer| WSO2 > WSO2 Inc : http://wso2.org > <http://www.google.com/url?q=http%3A%2F%2Fwso2.org&sa=D&sntz=1&usg=AFQjCNE_eTDfyl2ibPcq0hcXvRDNVuQmMg> > Tel:+94 076 6792895 <+94%2076%20679%202895> > LinkedIn :www.linkedin.com/in/kalaiyarasiganeshalingam > Blogs : https://kalaiyarasig.blogspot.com/ <http://kalai4.blogspot.com/> > >
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
