rumqttd
native-tls
support
This crate, by default uses the tokio-rustls
crate. There's also support for the tokio-native-tls
crate.
Add it to your Cargo.toml like so:
rumqttd = { version = "0.5", default-features = false, features = ["use-native-tls"] }
Then in your config file make sure that you use the pkcs12
entries under certs
for your cert instead of cert_path
, key_path
, etc.
[]
= 8883
[]
= "/root/identity.pfx"
= "<your password>"
Here's what a Rustls config looks like:
[]
= 8883
[]
= "tlsfiles/server.cert.pem"
= "tlsfiles/server.key.pem"
= "tlsfiles/ca.cert.pem"
You can generate the .p12
/.pfx
file using openssl
:
openssl pkcs12 -export -out identity.pfx -inkey ~/pki/private/test.key -in ~/pki/issued/test.crt -certfile ~/pki/ca.crt
Make sure if you use a password it matches the entry in pkcs12_pass
. If no password, use an empty string ""
.