29 lines
1.0 KiB
Plaintext
29 lines
1.0 KiB
Plaintext
emqx_psk_schema {
|
|
|
|
chunk_size.desc:
|
|
"""The size of each chunk used to import to the built-in database from PSK file"""
|
|
|
|
enable.desc:
|
|
"""Whether to enable TLS PSK support"""
|
|
|
|
init_file.desc:
|
|
"""If init_file is specified, EMQX will import PSKs from the file into the built-in database at startup for use by the runtime.
|
|
The file has to be structured line-by-line, each line must be in the format of <code>PSKIdentity:SharedSecret</code>.
|
|
For example: <code>mydevice1:c2VjcmV0</code>"""
|
|
|
|
psk_authentication.desc:
|
|
"""PSK stands for 'Pre-Shared Keys'.
|
|
This config to enable TLS-PSK authentication.
|
|
|
|
Important! Make sure the SSL listener with only <code>tlsv1.2</code> enabled, and also PSK cipher suites
|
|
configured, such as <code>RSA-PSK-AES256-GCM-SHA384</code>.
|
|
|
|
See listener SSL options config for more details.
|
|
|
|
The IDs and secrets can be provided from a file which is configurable by the <code>init_file</code> field."""
|
|
|
|
separator.desc:
|
|
"""The separator between <code>PSKIdentity</code> and <code>SharedSecret</code> in the PSK file"""
|
|
|
|
}
|