You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Allowuse of multiple domain names with per-domain certificates
5.4.3 Authentication of the Server by the Client
The MQTT protocol is not trust symmetrical: it provides no mechanism for the Client to authenticate the Server.
Where TLS [RFC5246] is used, SSL Certificates sent from the Server can be used by the Client to authenticate the Server. Implementations providing MQTT service for multiple hostnames from a single IP address should be aware of the Server Name Indication extension to TLS defined in section 3 of RFC 6066 [RFC6066].This allows a Client to tell the Server the hostname of the Server it is trying to connect to.
An implementation might allow for authentication where the credentials are sent in an Application Message from the Server to the Client.
A VPN between Clients and Servers can provide confidence that Clients are connecting to the intended Server.
The text was updated successfully, but these errors were encountered:
Allowuse of multiple domain names with per-domain certificates
The text was updated successfully, but these errors were encountered: