Commit

Use a custom SSLContext in order to allow a specific SSL/TLS versions to be configured.

 Closes owagner#12
hangy committed Sep 23, 2016
1 parent 4192006 commit 9e65f15
Showing 2 changed files with 29 additions and 1 deletion.
8 changes: 7 additions & 1 deletion README.md
Expand Up @@ -129,14 +129,20 @@ Examples:
Note that using SSL connections requires additional configuration at the JVM level. For example, the
broker's certificate needs to be verifiable by the JVM using it's CA cert store.

- mqtt.sslVersion

Optional, define the SSL version that should be used when connecting to the MQTT broker.
Possible values are limited by the executing JVM, but could be one of:
SSL, SSLv2, SSLv3, TLS, TLSv1, TLSv1.1, TLSv1.2

- mqtt.clientid

ClientID to use in the MQTT connection. Defaults to "hm2mqtt".

- mqtt.topic

The topic prefix used for publishing and subscribing. Defaults to "hm/".
^

- mqtt.username
- mqtt.password
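
Review bot: The value list in the new mqtt.sslVersion entry offers SSL, SSLv2, SSLv3, TLSv1 and TLSv1.1 on equal footing with TLSv1.2 and gives no recommendation. SSLv2 and SSLv3 are broken protocols and should not be suggested for a broker connection; recommend TLSv1.2 and either drop the legacy names or mark them as insecure. The wording "the SSL version that should be used" also promises more than SSLContext.getInstance() delivers: the name selects a context implementation, and sockets created from it can still have other protocol versions enabled. Finally, the option is documented as mqtt.sslVersion while the code in this commit reads the system property hm2mqtt.mqtt.sslVersion; please confirm that this matches how the other options are mapped.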

22 changes: 22 additions & 0 deletions src/main/java/com/tellerulam/hm2mqtt/MQTTHandler.java
Expand Up @@ -3,10 +3,13 @@
import java.io.*;
import java.math.*;
import java.nio.charset.*;
import java.security.*;
import java.util.*;
import java.util.concurrent.*;
import java.util.logging.*;

import javax.net.ssl.*;

import org.eclipse.paho.client.mqttv3.*;
import org.eclipse.paho.client.mqttv3.persist.*;

Expand Down Expand Up @@ -203,6 +206,25 @@ private void doConnect()
copts.setPassword(password.toCharArray());
L.fine("Using MQTT username "+username);
}
String sslVersion=System.getProperty("hm2mqtt.mqtt.sslVersion");
if (sslVersion!=null)
{
try
{
SSLContext context = SSLContext.getInstance(sslVersion);
// TODO Maybe use custom trust manager for CA certs https://gist.github.com/sharonbn/4104301
context.init(null, null, null);
copts.setSocketFactory(context.getSocketFactory());
}
catch(NoSuchAlgorithmException nsae)
{
L.log(Level.WARNING, "Error creating SSLContext, check your configuration", nsae);
}
catch(KeyManagementException kme)
{
L.log(Level.WARNING, "Error initializing SSLContext, check your configuration", kme);
}
}
try
{
mqttc.connect(copts);
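
Review bot: Both catch blocks in doConnect() only log a WARNING and then fall through to mqttc.connect(copts), so a misspelled or unsupported hm2mqtt.mqtt.sslVersion leaves copts without the custom socket factory and the connection goes ahead with the client's defaults. Someone who set the option to require a particular TLS version gets no enforcement, only a log line. Suggest aborting the connect attempt (rethrow or return) when the context cannot be created or initialized. Separately, SSLContext.getInstance(sslVersion) does not by itself restrict the socket to that single version; if pinning is the intent, the enabled protocols have to be set on the created sockets, for example through a wrapping SSLSocketFactory that calls setEnabledProtocols(). The context.init(null, null, null) call keeps the JVM default key and trust managers, so certificate validation is unchanged by this hunk; the TODO should stay a TODO and not turn into a trust-all manager.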