Ask Your Question

Connection to AWS MQTT Broker via TLS1.2

asked 2018-10-10 14:22:55 -0600

kranthi gravatar image

updated 2018-10-10 14:23:09 -0600

I have 3 files (cert, private key, root CA). Any simple working solution to generate PKCS12 or JKS. I tried various things from [] , but didnt work.

edit retag flag offensive close merge delete

2 Answers

Sort by ยป oldest newest most voted

answered 2018-10-11 14:37:59 -0600

jeff gravatar image

updated 2018-10-11 14:38:28 -0600

The MQTT client origin includes TLS configuration, which includes a trust store. Did you try creating a trust store file that is accessible to your Data Collector, then adding the root CA to that trust store, and configuring the origin to use that trust store? If so, what exact error did you see?

edit flag offensive delete link more


Yes. I did. openssl pkcs12 -export \ -name "My Certificate" \ -out fd.p12 \ -inkey private.key \ -in cert.pem \ -certfile root-CA.crt I tried above file and also tried converting that to jks. I always get No trusted certificate found

kranthi gravatar imagekranthi ( 2018-10-11 16:13:16 -0600 )edit

I see here nice example on generating truststore file. I tried the same but not working.. Getting the same error as above. (external link)

kranthi gravatar imagekranthi ( 2018-10-12 14:12:22 -0600 )edit

You should not need a private key in that file. A trust store should only contain the certificates needed to validate the remote endpoint against a trusted root CA. In your case, that means you should just need the root CA certificate to be added.

jeff gravatar imagejeff ( 2018-10-12 14:14:30 -0600 )edit

Can you try a standalone Java TLS test tool to validate your trust store file is correct, in isolation? For example: Let me know if that succeeds.

jeff gravatar imagejeff ( 2018-10-12 14:19:27 -0600 )edit

sure.. I will let you know

kranthi gravatar imagekranthi ( 2018-10-12 14:23:31 -0600 )edit

answered 2018-10-17 20:58:28 -0600

kranthi gravatar image
edit flag offensive delete link more
Login/Signup to Answer

Question Tools

1 follower


Asked: 2018-10-10 14:22:55 -0600

Seen: 105 times

Last updated: Oct 17 '18