paho.mqtt.java
How to publish data using secured port 8883
Hi,
In the Paho MQTT Python library there is tls_set_context(context=None), which enables a CA server-signed certificate.
Is there something similar to this in Java which can match with server-signed certificates?
Have you looked at the example in the test code? https://github.com/eclipse/paho.mqtt.java/blob/master/org.eclipse.paho.client.mqttv3.test/src/test/java/org/eclipse/paho/client/mqttv3/test/BasicSSLTest.java
That uses the "Java" system keystores etc. I actually use a .crt, .ca and .key file with an SSLUtil class to create an sslsocketfactory object. The sslutil class uses the Bouncycastle libraries to work with the certificate files.
See here and my code to add the socketfactory to URLs containing ssl (which actually should be doing a starts-with check):
```java
MqttConnectOptions options = new MqttConnectOptions();
// Build the socket factory once, and only for SSL URLs.
if ((m_serverUrl.toLowerCase().contains("ssl")) && (sslsocketfactory == null)) {
    SslUtil ssl = new SslUtil();
    // All three files are required: CA certificate, client certificate, client key.
    if ((m_caFilePath != null) && (m_clientCrtFilePath != null) && (m_clientKeyFilePath != null)) {
        l4j.info("CA Cert->" + ssl_resource_folder + m_caFilePath);
        l4j.info("Client Cert->" + ssl_resource_folder + m_clientCrtFilePath);
        l4j.info("Client Key->" + ssl_resource_folder + m_clientKeyFilePath);
        sslsocketfactory = ssl.getSocketFactory(ssl_resource_folder + m_caFilePath,
                ssl_resource_folder + m_clientCrtFilePath,
                ssl_resource_folder + m_clientKeyFilePath, password);
    } else {
        l4j.fatal("SSLSocketFactory creation failed. Connection is SSL but no ca cert, client cert or key path found for " + m_serverUrl);
        return false;
    }
    if (sslsocketfactory != null) {
        options.setSocketFactory(sslsocketfactory);
        ssl = null;
    } else {
        // Fail closed rather than connecting without TLS.
        l4j.fatal("SSLSocketFactory creation failed. Unable to connect to server->" + m_serverUrl);
        return false;
    }
}
options.setConnectionTimeout(timeout);
options.setKeepAliveInterval(keepalive_forever);
```
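
For the case in the original question (verifying the broker against a CA certificate, with no client certificate), the following is an added example, not code from this thread or from the Paho project. It uses only JDK classes plus the Paho client; the class name, client id, topic and the broker host in the comment are assumptions.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import org.eclipse.paho.client.mqttv3.MqttClient;
import org.eclipse.paho.client.mqttv3.MqttConnectOptions;
import org.eclipse.paho.client.mqttv3.persist.MemoryPersistence;

public class CaPinnedPublish { // hypothetical class name
    // Build a socket factory that trusts only the CA certificate(s) in caPath (PEM or DER).
    static SSLSocketFactory caOnlyFactory(String caPath) throws Exception {
        KeyStore trust = KeyStore.getInstance(KeyStore.getDefaultType());
        trust.load(null, null); // empty in-memory store: the JDK default roots are not included
        try (InputStream in = Files.newInputStream(Paths.get(caPath))) {
            int i = 0;
            for (Certificate c : CertificateFactory.getInstance("X.509").generateCertificates(in)) {
                trust.setCertificateEntry("ca-" + i++, c);
            }
        }
        if (trust.size() == 0) throw new IllegalArgumentException("no certificate in " + caPath);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trust);
        SSLContext ctx = SSLContext.getInstance("TLSv1.2");
        ctx.init(null, tmf.getTrustManagers(), null); // no client key: server authentication only
        return ctx.getSocketFactory();
    }

    public static void main(String[] args) throws Exception {
        String url = args[0];    // e.g. ssl://broker.example.test:8883 (placeholder host)
        String caPath = args[1]; // path to the CA certificate file
        if (!url.startsWith("ssl://")) throw new IllegalArgumentException("expected an ssl:// URL");
        MqttConnectOptions options = new MqttConnectOptions();
        options.setSocketFactory(caOnlyFactory(caPath));
        MqttClient client = new MqttClient(url, "example-publisher", new MemoryPersistence());
        client.connect(options); // handshake fails if the broker's chain does not lead to the CA
        client.publish("example/topic", "hello".getBytes("UTF-8"), 1, false);
        client.disconnect();
        client.close();
    }
}
```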