I’m using EMQ X Broker 4.4.14 zip version in Ubuntu 20.04 . I setup the MQTT TLS setup with these configuration:
listener.ssl.external.keyfile = etc/letsencrypt/privkey.pem
listener.ssl.external.certfile = etc/letsencrypt/fullchain.pem
listener.ssl.external.cacertfile = etc/letsencrypt/ca.pem
privkey and fullchain are copied from /etc/letsencrypt/live/{domain}
ca.pem is merge of ISRG_Root_X1.pem and chain.pem (from letsencrypt)
But I’m getting the following logs in emqx.log.1:
2023-02-21T22:34:21.390149+00:00 [error] supervisor: ‘esockd_connection_sup - <0.1802.0>’, errorContext: connection_shutdown, reason: {ssl_error,{tls_alert,{unknown_ca,“TLS server: In state wait_cert at ssl_handshake.erl:2105 generated SERVER ALERT: Fatal - Unknown CA\n”}}}, offender: [{pid,<0.4875.0>},{name,connection},{mfargs,{emqx_connection,start_link,[[{deflate_options,[]},{crl_options,[{crl_check_enabled,false},{crl_cache_urls,[]}]},{ocsp_options,[{ocsp_stapling_enabled,false},{ocsp_refresh_interval,300000},{ocsp_refresh_http_timeout,15000}]},{max_conn_rate,500},{active_n,100},{zone,external},{proxy_address_header,<<>>},{proxy_port_header,<<>>},{supported_subprotocols,[]}]]}}]
Getting this error added in log every 1 second. Please help me fix this issue.