10922 questions

13024 answers

20292 comments

27220 members

+2 votes
335 views 0 comments
by

WebUI allows setting up MQTT bridge with remote TLS without CA certificate, client certificate or client key. However this generates an invalid mosquitto.conf. mosquitto is cable of using OS CA certificate and connect to TLS enabled broker. I have created several patches that will modify the firmware to make sure mosquitto.conf generated is valid and works as expected. 

Affected devices devices/firmware:

  • RUT240 (Firmware version ?)
  • TRB145 (Firmware version TRB1_R_00.02.05.2)

I suggest that if no CA certificate is not provided use bridge_cafile /etc/cacert.pem. If no client certificate is provided, exclude bridge_certfile. If no client key is not provided, exclude bridge_keyfile.

Here are the patches:

I would appreciate feedback about the patches. If they are good, I hope they will be applied before the next firmware release.

1 Answer

0 votes
by
Hi,

These are great and reasonable changes you've made! I will take them to RnD and ask what do they think and if this is good to implement in our next firmware versions.

Thank you very much for your feedback and we will make sure to provide you with one too.

EB.