Closed gummigroda closed 11 months ago
Missed this - it should be doable. It actually happens in another project of mine which wraps an MQTT client. The specific lines are here: https://github.com/LordMike/MBW.HassMQTT/blob/7af4e5bd36c1a0faa46cadff664b137fbd5bffb6/MBW.HassMQTT.CommonServices/CommonServicesExtensions.cs#L32-L35
Your TLS setup - is the certificate valid, or do you also need a method to bypass validation?
Great, thanks.
I'm using certificates from Let's Encrypt. So, the chain should be valid.
I'll give it a go, but I have no way of testing. So we'll have to try it out :)
I've pushed it. The configuration options are linked below. To run this you can pull the :dev
docker image.
I think you just need to set:
MQTT__EnableTls
to true
Of course also setting the port if you run the TLS default (8883) - but you probably already know this. The other options can also be set with the MQTT__
prefix.
Okay, I've now enabled TLS and it works after I added MQTT__TlsProtocols: Tls12
as my server don't allow deprecated protocols. Don't know what the 'default' setting is using, but perhaps changing the default to 'Tls12' instead?
Thanks!
The default is whatever the system uses by default. On windows this has changed over time towards more protocols.
I could set it to a mix of tls 1.0/1.1/1.2/1.3. Buut, when 1.4 or 2.0 drops, I’ll be behind. :/
Sent from Outlook for iOShttps://aka.ms/o0ukef
From: Osterberg @.> Sent: Saturday, August 26, 2023 2:25:58 PM To: LordMike/MBW.BlueRiiot2MQTT @.> Cc: Michael Bisbjerg @.>; Comment @.> Subject: Re: [LordMike/MBW.BlueRiiot2MQTT] Add TLS support (Issue #78)
Okay, I've now enabled TLS and it works after I added MQTT__TlsProtocols: Tls12 as my server don't allow deprecated protocols. Don't know what the 'default' setting using, but perhaps changing the default to 'Tls12' instead?
Thanks!
— Reply to this email directly, view it on GitHubhttps://github.com/LordMike/MBW.BlueRiiot2MQTT/issues/78#issuecomment-1694330118, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AAH2YJYXBLZAU4RVOZS5Q2TXXHTNNANCNFSM6AAAAAAY7IPQPQ. You are receiving this because you commented.Message ID: @.***>
I'm fine with keeping the default value. Thanks for the support.
Hi, and thanks for the great software.
How much labor would it be to add support for TLS in the MQTT connection? (I'm no dev, and I can't seem to find where the connection to the MQTT server is being made in the code, any hints?)