search

wutu / pimatic-mqtt

MQTT plugin for Pimatic
https://pimatic.org/plugins/pimatic-mqtt/
GNU Affero General Public License v3.0
9 stars 13 forks source link

Add ssl config option to force SSL/TLS #29

Closed qistoph closed 6 years ago

qistoph commented 6 years ago

This PR adds an option to the broker configuration ssl:boolean.

When ssl is set to true, SSL/TLS will be enabled like before when using a CA/Cert/Key. This allows one to enable SSL/TLS without having to specifically specifying the CA/Cert/Key, which I think is useful.

The Cert/Key are only used for client side authentication. Configuring a CA would be more secure, but also requires more maintenance, because you might have to update it when the server changes its certificate. For most scenarios is safe enough to relay on the system wide trusted CAs, which is the default when using SSL/TLS without an explicit CA.

wutu commented 6 years ago

Yes you're right. Thank you for PR. It will soon be on npm.