Homie4 icon indicating copy to clipboard operation
Homie4 copied to clipboard

Published 20 hours ago verified publisher icon mjcumming

TLS configuration

Open jannvck opened this issue 2 years ago • 1 comments

It is not possible to configure network encryption and authentication options except enabling TLS, see:

https://github.com/mjcumming/Homie4/blob/ebe5255166643d8d5f3e5df9bed53725a5c3bc0e/homie/mqtt/paho_mqtt_client.py#L75

I'd suggest changing that particular line to:

self.mqtt_client.tls_set(**self.mqtt_settings["MQTT_TLS_OPTIONS"])

where MQTT_TLS_OPTIONS would be a dictionary with corresponding options as part of MQTT_SETTINGS, see https://github.com/mjcumming/Homie4/blob/ebe5255166643d8d5f3e5df9bed53725a5c3bc0e/homie/mqtt/homie_mqtt_client.py#L12 So the initialiszation of MQTT_SETTINGS could be extended like that:

'MQTT_TLS_OPTIONS' : dict()

A client's MQTT settings could then be configured to use TLS with a CA certificate file by for example:

mqtt_settings = {
    'MQTT_BROKER' : 'mybroker',
    'MQTT_PORT' : 8883,
    'MQTT_USERNAME' : 'test',
    'MQTT_PASSWORD' : 'test',
    'MQTT_USE_TLS' : True,
    'MQTT_TLS_OPTIONS' : dict(
        ca_certs = 'ca-root.crt'
    )
}

jannvck avatar Nov 11 '22 11:11 jannvck

If you do a PR, I'll add it to the release code.

mjcumming avatar Nov 22 '22 02:11 mjcumming