1 Answer
- Newest
- Most votes
- Most comments
0
Can you please check the certificate your domain is returning? It should look like this:
$ openssl s_client -showcerts -servername mqtt.abc.example.org -connect mqtt.abc.example.org:8883
CONNECTED(00000003)
depth=2 C = US, O = Amazon, CN = Amazon Root CA 1
verify return:1
depth=1 C = US, O = Amazon, OU = Server CA 1B, CN = Amazon
verify return:1
depth=0 CN = mqtt.abc.example.org
verify return:1
write:errno=0
Based on your error message though, I think it won't look like that.
Relevant content
- asked 3 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
I have different results. On windows machine I get always
Verify return code: 20 (unable to get local issuer certificate) On linux machine, 1 works, the other give me the seme error as windows machine.
If I add to openssl --CAfile AmazonRootCA1.pem it works on every machine.
What is the output when it works? In particular, what CN is returned?