Config SSL mosquitto error

datnq picture datnq · Jun 24, 2015 · Viewed 7.6k times · Source

I tried to config SSL for mostquitto following these steps.

When I restart mosquitto, there is an error:

1435120150: mosquitto version 1.4.2 (build date Mon, 18 May 2015 15:25:19 +0100) starting

1435120150: Config loaded from /etc/mosquitto/mosquitto.conf.

1435120150: Opening ipv4 listen socket on port 8883.

1435120150: Error: Unable to create TLS context.

This is my mosquitto config:

pid_file /var/run/mosquitto.pid
persistence true
persistence_location /var/lib/mosquitto/

log_dest file /var/log/mosquitto/mosquitto.log

include_dir /etc/mosquitto/conf.d

bind_address Dell
port 8883
cafile /etc/mosquitto/ca_certificates/ca.crt
certfile /etc/mosquitto/certs/Dell.crt
keyfile /etc/mosquitto/certs/Dell.key
tls_version tlsv1

How to configure it correctly?

Answer

ralight picture ralight · Jun 24, 2015

Unable to create TLS context suggests that the call to SSL_CTX_new() failed. This is right at the beginning of setting up the SSL options for the listening socket and is very unexpected.

The only things you can do to influence this are to check your version of openssl, and to change/remove the tls_version option. Removing it is the best bet unless you have a particular reason to disallow TLSv1.1 or TLSv1.2 (or TLSv1.3 in the future).