Open ghost opened 7 years ago
did you solve your issue?
for me the solution was change the option "cafile" to "capath" in $socketContext options. The connect string i use:
$mqtt = new phpMQTT($server, $port, $client_id, "/etc/ssl/certs");
using php7.0
Hope it helps.
I am unable to connect to a mosquitto server running TLSv1. I am using php5. I added the CA certificate in the directory and passes it in parameter: $mqtt = new phpMQTT($server, $port, $client_id, "ca.crt");
I am getting the error "unable to connect tls://locahost:8883 (error unknown)". I supsect there is some option to set properly in the socket context ?
Thank you for any help.
I had the same issue and solved it for me (with tls v1.2) by changing the line $this->socket = stream_socket_client("tls://" . $this->address . ":" . $this->port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $socketContext); to $this->socket = stream_socket_client("tlsv1.2://" . $this->address . ":" . $this->port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $socketContext); within phpMQTT.php.
A cleaner way would be to make it configurable as a constructor parameter: $mqtt = new phpMQTT($server, $port, $client_id, "ca.crt", "tlsv1.1");
Thanks @bluerhinos for this simple and great php script. I was working on integrating SSL enabled MQTT client based on PHP, your script helped me greatly!
Keep the good work up!
Hi,
Thanks for the great script. I see in the issues that SSL/TLS support has been mentioned a few times. Would the following change not implement SSL/TLS?
Changing the following line
$this->socket = fsockopen($address, $this->port, $errno, $errstr, 60);
to
$this->socket = stream_socket_client('ssl://'.$address.':'.$this->port,$errno,$errstr);
I have tested this and the connection is successful without any SSL errors thrown and message is received by the broker. My question is is this actually a valid TLS connection? When testing on localhost I get:
routines:ssl3_get_server_certificate:certificate verify failed
Would this suggest the working connection is then truly encrypted?