#include <MQTTClient.h>

Data Fields
char	struct_id [4]

int	struct_version

const char *	trustStore

const char *	keyStore

const char *	privateKey

const char *	privateKeyPassword

const char *	enabledCipherSuites

int	enableServerCertAuth

Detailed Description

MQTTClient_sslProperties defines the settings to establish an SSL/TLS connection using the OpenSSL library. It covers the following scenarios:

Server authentication: The client needs the digital certificate of the server. It is included in a store containting trusted material (also known as "trust store").
Mutual authentication: Both client and server are authenticated during the SSL handshake. In addition to the digital certificate of the server in a trust store, the client will need its own digital certificate and the private key used to sign its digital certificate stored in a "key store".
Anonymous connection: Both client and server do not get authenticated and no credentials are needed to establish an SSL connection. Note that this scenario is not fully secure since it is subject to man-in-the-middle attacks.

Field Documentation

◆ struct_id

char struct_id[4]

The eyecatcher for this structure. Must be MQTS

◆ struct_version

int struct_version

The version number of this structure. Must be 0

◆ trustStore

const char* trustStore

The file in PEM format containing the public digital certificates trusted by the client.

◆ keyStore

const char* keyStore

The file in PEM format containing the public certificate chain of the client. It may also include the client's private key.

◆ privateKey

const char* privateKey

If not included in the sslKeyStore, this setting points to the file in PEM format containing the client's private key.

◆ privateKeyPassword

const char* privateKeyPassword

The password to load the client's privateKey if encrypted.

◆ enabledCipherSuites

const char* enabledCipherSuites

The list of cipher suites that the client will present to the server during the SSL handshake. For a full explanation of the cipher list format, please see the OpenSSL on-line documentation: http://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT If this setting is ommitted, its default value will be "ALL", that is, all the cipher suites -excluding those offering no encryption- will be considered. This setting can be used to set an SSL anonymous connection ("aNULL" string value, for instance).

◆ enableServerCertAuth

int enableServerCertAuth

True/False option to enable verification of the server certificate

The documentation for this struct was generated from the following file:

MQTTClient.h

Data Fields