0
votes

I am using mosquitto_pub to publish the data with TLS using a topic. I am using mosquitto_sub to subscribe to the topic from mosquitto_pub.

Whenever I fire mosquitto_pub, I notice that Wireshark detects a 3-way handshake each time. My question now is: is it possible for mosquitto to do the 3-way handshake only once, just to minimize the time of sending the data and receiving it at the other end?

I mean, keep the handshake alive on the first firing of mosquitto_pub; then, on each succeeding publish of a message, it will send only the TLS data and not do a 3-way handshake over and over again each time.

1
What problem are you actually trying to solve here? - hardillb

The minimization of the handshake, because during mosquitto_pub + TLS, I can see in Wireshark that the flow takes a while before the TLS-protected data is sent, due to the TLS handshake. So is there a way to have a one-time 3-way handshake, so that each succeeding message to be published is just the TLS-protected data itself, with no need to execute the 3-way handshake again? - sasori

Yes, but why is that a problem? If you are going to be sending multiple messages then why not write your own publishing client using one of the many libraries and maintain a constant connection to the broker? - hardillb

Do you have a sample? Because the "-k" or "-keepalive" parameter is not the one I am looking for, because it doesn't stop the 3-way handshake each time I publish a message. - sasori

I'm saying mosquitto_pub is the wrong tool for sending multiple messages. There are literally 100s of MQTT client libraries you could use to write your own. - hardillb

1 Answer

2
votes

What you are describing is SSL/TLS session resumption.

There is support in the mosquitto broker for session resumption, but not in the command line tools.

This is because they would need to store the session id key between each execution. This looks to have been discussed in this mosquitto-dev mailing list thread, but not implemented as there was no demand for it.

You can use TLS session resumption with the Paho C library by setting the Clean Session flag to false (I still think the concept of MQTT session and TLS session should have been kept separate) if the broker supports it.
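
The constant-connection approach suggested in the comments, as an added example that is not part of the original thread or of mosquitto/Paho: a publisher that performs one TCP and one TLS handshake, then sends every message over the same socket. It hand-encodes MQTT 3.1.1 CONNECT and QoS 0 PUBLISH packets with the Python standard library instead of using a client library; the function names, the client id and the host, port and CA file arguments are assumptions for illustration.

```python
import socket
import ssl
import struct

def _remaining_length(n: int) -> bytes:
    """MQTT variable-length integer: 7 bits per byte, high bit = more bytes follow."""
    out = bytearray()
    while True:
        n, digit = divmod(n, 128)
        out.append(digit | (0x80 if n else 0))
        if not n:
            return bytes(out)

def _utf8(s: str) -> bytes:
    b = s.encode("utf-8")
    return struct.pack("!H", len(b)) + b  # 2-byte length prefix, then the bytes

def connect_packet(client_id: str, keepalive: int = 60) -> bytes:
    # Protocol name "MQTT", level 4 (3.1.1), connect flags 0x02 = clean session.
    body = _utf8("MQTT") + bytes([4, 0x02]) + struct.pack("!H", keepalive) + _utf8(client_id)
    return b"\x10" + _remaining_length(len(body)) + body

def publish_packet(topic: str, payload: bytes) -> bytes:
    # Fixed header 0x30 = PUBLISH, QoS 0, no DUP/RETAIN, so no packet identifier.
    body = _utf8(topic) + payload
    return b"\x30" + _remaining_length(len(body)) + body

def publish_many(host, port, cafile, topic, payloads, client_id="example-pub"):
    """One TCP + TLS handshake, then all payloads over the same connection."""
    ctx = ssl.create_default_context(cafile=cafile)  # verifies chain and hostname
    with socket.create_connection((host, port), timeout=10) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            tls.sendall(connect_packet(client_id))
            connack = b""
            while len(connack) < 4:  # CONNACK is always exactly 4 bytes
                chunk = tls.recv(4 - len(connack))
                if not chunk:
                    break
                connack += chunk
            if len(connack) != 4 or connack[0] != 0x20 or connack[3] != 0:
                raise ConnectionError(f"broker refused CONNECT: {connack!r}")
            for payload in payloads:
                tls.sendall(publish_packet(topic, payload))
            tls.sendall(b"\xe0\x00")  # DISCONNECT, so the broker closes cleanly
    return len(payloads)
```

Calling `publish_many` with a list of payloads against a TLS listener shows a single handshake in Wireshark followed only by application data records, whereas each separate `mosquitto_pub` run starts a new connection.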