Error OpenSSL alert unknown ca

[darlandieterich]

When connect show this error: OpenSSL Error[0]: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca

My params:

data = {
      :host => "localhost",
      :port => 8883,
      :username => "someone",
      :password => "anyonecanenterhere",
      :ssl => true,
      :cert_file => '/app/cert/mosq_serv.crt',
      :key_file => '/app/cert/mosq_serv.key',
      :ca_file => '/app/cert/mosq_ca.crt'
    }

My mosquitto .config:

listener 8883
allow_anonymous false
password_file /app/passwordfile.pwd
cafile /app/cert/mosq_ca.crt
certfile /app/cert/mosq_serv.crt
keyfile /app/cert/mosq_serv.key
protocol mqtt
tls_version tlsv1.2
require_certificate true

My question is, it's valid to only .pem?

[njh]

Just checked and the Cert file and key file are passed into OpenSSL::X509::Certificate and OpenSSL::PKey::RSA respectively:

• https://github.com/njh/ruby-mqtt/blob/master/lib/mqtt/client.rb#L184
• https://github.com/njh/ruby-mqtt/blob/master/lib/mqtt/client.rb#L190

Docs are here:

• https://docs.ruby-lang.org/en/2.4.0/OpenSSL/X509/Certificate.html
• https://docs.ruby-lang.org/en/2.4.0/OpenSSL/PKey/RSA.html

They say:

• "Certificate is capable of handling DER-encoded certificates and certificates encoded in OpenSSL's PEM format."
• _"A key can instead be loaded from an encodedkey which must be PEM or DER encoded."