d0kuhn/mosquitto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update blog post with non-expired Lets Encrypt root.

Browse Source 
Closes #2692. Thanks to Matt Turner.
This commit is contained in:
Roger A. Light 2023-04-01 22:28:02 +01:00
parent 5a748806d3
commit 655f9e58b7
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
www/posts/2015/12/using-lets-encrypt-certificates-with-mosquitto.md
View File

@ -17,13 +17,14 @@ Then use the following for your mosquitto.conf:
```
listener 8883
cafile /etc/ssl/certs/DST_Root_CA_X3.pem
cafile /etc/ssl/certs/ISRG_Root_X1.pem
certfile /etc/letsencrypt/live/example.com/fullchain.pem
keyfile /etc/letsencrypt/live/example.com/privkey.pem
```
You need to be aware that current versions of mosquitto never update listener
settings when running, so when you regenerate the server certificates you will
need to completely restart the broker.
Since version 2.0 of Mosquitto, you can send a SIGHUP to the broker to cause it
to reload certificates. Prior to this version, mosquitto would never update
listener settings when running, so you will need to completely restart the
broker.
[Let's Encrypt]: https://letsencrypt.org/