PSKFile Authentication

PSK certification

If you want to use PSKFile authentication, you need to comment out listener.ssl.external.ciphers in emqx.conf, and then configure listener.ssl.external.psk_ciphers:

  1. #listener.ssl.external.ciphers = ECDHE-ECDSA-AES256-GCM-SHA384,...
  2. listener.ssl.external.psk_ciphers = PSK-AES128-CBC-SHA,PSK-AES256-CBC-SHA,PSK-3DES-EDE-CBC-SHA,PSK-RC4-SHA

But the PSK Ciphers is not supported by tlsv1.3, we should set the tls_version as:

  1. listener.ssl.external.tls_versions = tlsv1.2,tlsv1.1,tlsv1

Create module

Open EMQX DashboardPSK File AUTH - 图1 (opens new window), click the “Modules” tab on the left, and choose to add:

image-20200927213049265

Choose PSK certification

image-20200927213049265

Configure related parameters

image-20200927213049265

After clicking add, the module is added

image-20200927213049265

The PSK configuration file is psk.txt, use a colon : to separate PSK ID and PSK:

  1. client1:1234
  2. client2:abcd