Hi, we want to switch from Moquette to HiveMQ and have first installed an Enterprise Edition as a trial on an AWS EC2 instance. All our devices have 3 certificates: CA certificate, certificate and private key. We want to continue to use these. This is what our config looks like:
First off, welcome to the HiveMQ Community! We are always happy to see new users.
Typically, when utilizing TLS in this configuration, it’s best to have a client truststore generated from the server certificate, exported from the server keystore. This client-specific truststore will allow the client to successfully complete the TLS connection. More specific details on TLS implementation for a variety of configurations can be found on our How-Tos page, available here.
Specifically, I believe the “Generate a client JKS trust store” is the pertinent section.
Please let us know if you have any further questions, and once again welcome to the HiveMQ Community!
Hello @AaronTLFranz,
Thanks for your quick reply. We have gotten that far. The client TrustStore is already created and also has the server certificate. TLS works. What is still not working for us is authentication. As soon as we enable client-authentication-mode, we get the error message above.
For testing, I have tried to use the certificates issued by AWS for the client to rule out that it is due to the self-signed certs. With the same result. I imported the CA cert from AWS into the TrustStore of the server, without connection success.
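When one-way TLS works but the handshake fails once client authentication is enabled, two things can be checked outside the broker: that the device certificate verifies against the CA certificate that was imported into the server truststore, and that the device certificate and private key belong together. The script below is an added example, not part of the thread or of HiveMQ's documentation; it uses `openssl` on PEM files, and the CAs, device certificate and file names are throwaway values constructed for the demonstration.

```shell
#!/bin/sh
# Constructed demo: throwaway CAs and a device certificate in a temp dir.
work=$(mktemp -d)

# make_ca NAME: self-signed CA (stands in for the CA cert placed in the server truststore)
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
    -keyout "$work/$1.key" -out "$work/$1.pem" 2>/dev/null
}

# issue_cert CA NAME: device key plus a certificate signed by CA
issue_cert() {
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
    -keyout "$work/$2.key" -out "$work/$2.csr" 2>/dev/null
  openssl x509 -req -in "$work/$2.csr" -days 1 -CA "$work/$1.pem" \
    -CAkey "$work/$1.key" -CAcreateserial -out "$work/$2.pem" 2>/dev/null
}

# chain_ok CA_PEM CERT_PEM: does the client certificate verify against this CA?
chain_ok() {
  openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# key_matches CERT_PEM KEY_PEM: do certificate and private key share a public key?
key_matches() {
  [ "$(openssl x509 -in "$1" -noout -pubkey)" = "$(openssl pkey -in "$2" -pubout)" ]
}

make_ca device-ca      # the CA that actually issued the device certificate
make_ca other-ca       # an unrelated CA, as if the wrong one had been imported
issue_cert device-ca device-01

for ca in device-ca other-ca; do
  if chain_ok "$work/$ca.pem" "$work/device-01.pem"; then
    echo "$ca: device-01 verifies"
  else
    echo "$ca: device-01 does NOT verify"
  fi
done
key_matches "$work/device-01.pem" "$work/device-01.key" && echo "key matches certificate"
```

With real files, pass `chain_ok` the CA certificate that was imported into the server truststore and the certificate the device presents.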