I am trying to connect to Watson IoT platform via MQTT TLS. There is no client side authentication. The board requires that the certificates be flashed in .der format. The connection keeps failing with an error code corresponding to 'Bad CA file'. As part of investigation, I looked into the output of openssl s_client connect. It seems the connection goes fine with .pem format but not with .der format.
I am trying to connect to Watson IoT platform via MQTT TLS. There is no client side authentication. The board requires that the certificates be flashed in .der format. The connection keeps failing with an error code corresponding to 'Bad CA file'. As part of investigation, I looked into the output of
openssl s_client connect
. It seems the connection goes fine with.pem
format but not with.der
format.What certificate should be used on the board?
Download certificates
echo | openssl s_client -connect {orgId}.messaging.internetofthings.ibmcloud.com:8883 -showcerts 2>&1 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > orgId.messaging.internetofthings.ibmcloud.com.pem
Convert format
openssl x509 -inform pem -in orgId.messaging.internetofthings.ibmcloud.com.pem -outform der -out ca.der
openssl
with.pem
fileopenssl
with.der
file