log_type error
log_type warning
log_type notice
log_type information
#loglevel debug

#log_dest file /var/log/mosquitto/tls-testing.log

# Allow large Packets
maximum_packet_size 100000

allow_anonymous true
password_file test/tls-testing/mosquitto.pw

#message_size_limit 5000000

# non-SSL listeners
listener 1883
listener 18883

# listener for mutual authentication
listener 18884
cafile tls_testing/keys/all-ca.crt
certfile tls_testing/keys/server/server.crt
keyfile tls_testing/keys/server/server.key
require_certificate true
use_identity_as_username false
#tls_version tlsv1

# server authentication - no client authentication
listener 18885
cafile tls_testing/keys/all-ca.crt
certfile tls_testing/keys/server/server.crt
keyfile tls_testing/keys/server/server.key
require_certificate false
#tls_version tlsv1

listener 18886
cafile tls_testing/keys/all-ca.crt
certfile tls_testing/keys/server/server.crt
keyfile tls_testing/keys/server/server.key
require_certificate false
#ciphers ADH-DES-CBC-SHA
#tls_version tlsv1

# server authentication - no client authentication - uses fake hostname to
# simulate mitm attack. Clients should refuse to connect to this listener.
listener 18887
#cafile test/tls-testing/keys/all-ca.crt
cafile tls_testing/keys/server/server.crt
certfile tls_testing/keys/server/server-mitm.crt
keyfile tls_testing/keys/server/server-mitm.key
require_certificate true
#tls_version tlsv1