Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Mosquitto » MQTT over WebSockets with TLS(C# and JavaScript clients for the communication using MQTT over WebSockets with TLS)
MQTT over WebSockets with TLS [message #1848396] Wed, 01 December 2021 07:35 Go to next message
rishabh sharma is currently offline rishabh sharmaFriend
Messages: 4
Registered: December 2021
Junior Member
We are using the mosquitto.conf (attached in the post)
Have generated ca.crt, server.crt and server.key using openssl,
and am able to establish secure mqtt communication, when only protocol mqtt is specified in the mosquitto.conf,
Our requirement is to achieve TLS based Secure MQTT Communication over WebSockets, please suggest if the mosquitto conf which is attached is the correct one, for the use case, and then if there are any javascript client libraries which we can use to connect to the broker, so far have tried the PAHO client with which we are not able to connect.
Tried MQTT Explorer that connects in case of Encrypted mode but only when there is no additional certificate specified, in which case the doubt is how is TLS possible without a certificate.

Report message to a moderator

Re: MQTT over WebSockets with TLS [message #1848418 is a reply to message #1848396] Wed, 01 December 2021 15:19 Go to previous messageGo to next message
Roger Light is currently offline Roger LightFriend
Messages: 90
Registered: September 2013
Member
I would suggest using this modified version of your configuration. Please note that if your certificate hostname does not match the hostname you are connecting to then many clients may refuse to connect. MQTT Explorer has the option of disabling certificate checking which allows you to figure out when there is a problem. Disabling certificate checks is not something you should be doing normally though.

# These options apply to both listeners
allow_anonymous false
password_file password.txt
 
# Define a listener for encrypted MQTT
listener 8883
protocol mqtt
certfile server.crt
keyfile server.key
cafile ca.crt
tls_version tlsv1.2
 
# Define a listener for encrypted MQTT over WebSockets
listener 8081
protocol websockets
certfile server.crt
keyfile server.key
cafile ca.crt
tls_version tlsv1.2

Report message to a moderator

Re: MQTT over WebSockets with TLS [message #1849939 is a reply to message #1848418] Wed, 09 February 2022 06:52 Go to previous message
rishabh sharma is currently offline rishabh sharmaFriend
Messages: 4
Registered: December 2021
Junior Member
I tried to create new set of certificate with the common name as the hostname of my system on which the broker is hosted, and updated the config as well, but in this configuration also I'm not able to establish websocket connection, whereas I'm able to connect when the protocol is mqtt in the mosquitto.conf, only in case of websockets is where I am facing the issue where my code throws an exception stating 
AuthenticationException: The remote certificate is invalid according to the validation procedure.

Report message to a moderator

Previous Topic:Cannot (reconnect) to mosquitto after broker restarted
Next Topic:Please help. Can't connect with websocket and TLS
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Fri Apr 19 16:26:21 GMT 2024

Powered by FUDForum. Page generated in 0.01406 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly