search

eclipse / mosquitto

Eclipse Mosquitto - An open source MQTT broker
https://mosquitto.org
Other
8.61k stars 2.33k forks source link

No CRL check is happening when connecting via websockets with revoked client certificates #3042

Closed simplementos closed 2 months ago

simplementos commented 2 months ago

I have such mosquitto configuration:

log_type error log_type warning log_type notice log_type information log_dest file /logpath

listener 9005 protocol websockets cafile /cafilepath

certfile /certfilepath

keyfile /keyfilepath

crlfile /crlfilepath

require_certificate true

use_identity_as_username true

When i connect to local mosquitto using client certificates which are revoked, no CRL check by mosquitto is happening.

If I change configuration protocol to just mqtt, CRL check works.

So, 1) My configuration could be wrong, and something is missing for configuring CRL check via websockets 2) CRL check via websockets doesn’t work in mosquitto

Have anyone bumped into this issue?

Mosquitto v2.0.18, Windows 11

simplementos commented 2 months ago

Got response that it's not implemented yet