At ${WORK}, we’ve been running Greenbone Vulnerability Management for some years. After a recent upgrade, Mosquitto wouldn’t shut up about certificate and keyfile until I told it where to find a server certificate and the associated private key. I simply reused what GVM uses in general.

--- /usr/local/etc/mosquitto/mosquitto.conf.sample       2025-06-23 11:46:05.000000000 +0200
+++ /usr/local/etc/mosquitto/mosquitto.conf      2025-06-25 14:39:08.682718000 +0200
@@ -315,10 +315,10 @@
 # TLS encryption.

 # Path to the PEM encoded server certificate.
-#certfile
+certfile /var/lib/gvm/CA/servercert.pem

 # Path to the PEM encoded keyfile.
-#keyfile
+keyfile /var/lib/gvm/private/CA/serverkey.pem

 # If you wish to control which encryption ciphers are used, use the ciphers
 # option. The list of available ciphers can be optained using the "openssl

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>