search

eclipse / paho.mqtt-sn.embedded-c

Paho C MQTT-SN gateway and libraries for embedded systems. Paho is an Eclipse IoT project.
https://eclipse.org/paho
Other
313 stars 179 forks source link

TLS hostname bypass #233

Closed saumilsdk closed 3 years ago

saumilsdk commented 3 years ago

I am using MQTT-SN to connect to secured broker using TLS certificates. But server currently doesn't have certificate with its hostname as SN. Is there a way to bypass/ignore below check?

SSL_get_peer_certificate() error: Broker awsmblxXXX dosen't match the host name localhost

ty4tw commented 3 years ago

Hi,

How about to skip it. Comment out lines from 389 to 403.

saumilsdk commented 3 years ago

@ty4tw Can you please add config support to skip it with a boolean config "enabledHostVerification=true" by default?

ty4tw commented 3 years ago

Hi, Skipping the server certificate procedure is for a temporally debug. A permanent solution is using a local host certificate.