Hi, Mosquitto broker is currently able to verify certificates based on CRLs. It is not possible to proceed to custom advanced verifications (eg: online controls using OCSP). In the same way, Mosquitto client only allow to control (or not) the name of the certificate: if the certificate's name matches the hostname of the server then it is considered verified.
Is there any chance that Mosquitto allows to select a custom verify callback called by OpenSSL? Cheers, Remi
-- Mailing list: https://launchpad.net/~mosquitto-users Post to : mosquitto-users@lists.launchpad.net Unsubscribe : https://launchpad.net/~mosquitto-users More help : https://help.launchpad.net/ListHelp
