Skip to main content


Eclipse Community Forums

      Home
Home » Eclipse Projects » Mosquitto » MQTT over WebSockets with TLS(C# and JavaScript clients for the communication using MQTT over WebSockets with TLS)
MQTT over WebSockets with TLS [message #1848396] Wed, 01 December 2021 02:35 Go to next message
Eclipse UserFriend
We are using the mosquitto.conf (attached in the post)
Have generated ca.crt, server.crt and server.key using openssl,
and am able to establish secure mqtt communication, when only protocol mqtt is specified in the mosquitto.conf,
Our requirement is to achieve TLS based Secure MQTT Communication over WebSockets, please suggest if the mosquitto conf which is attached is the correct one, for the use case, and then if there are any javascript client libraries which we can use to connect to the broker, so far have tried the PAHO client with which we are not able to connect.
Tried MQTT Explorer that connects in case of Encrypted mode but only when there is no additional certificate specified, in which case the doubt is how is TLS possible without a certificate.
Re: MQTT over WebSockets with TLS [message #1848418 is a reply to message #1848396] Wed, 01 December 2021 10:19 Go to previous messageGo to next message
Eclipse UserFriend
I would suggest using this modified version of your configuration. Please note that if your certificate hostname does not match the hostname you are connecting to then many clients may refuse to connect. MQTT Explorer has the option of disabling certificate checking which allows you to figure out when there is a problem. Disabling certificate checks is not something you should be doing normally though.

# These options apply to both listeners
allow_anonymous false
password_file password.txt
 
# Define a listener for encrypted MQTT
listener 8883
protocol mqtt
certfile server.crt
keyfile server.key
cafile ca.crt
tls_version tlsv1.2
 
# Define a listener for encrypted MQTT over WebSockets
listener 8081
protocol websockets
certfile server.crt
keyfile server.key
cafile ca.crt
tls_version tlsv1.2
Re: MQTT over WebSockets with TLS [message #1849939 is a reply to message #1848418] Wed, 09 February 2022 01:52 Go to previous message
Eclipse UserFriend
I tried to create new set of certificate with the common name as the hostname of my system on which the broker is hosted, and updated the config as well, but in this configuration also I'm not able to establish websocket connection, whereas I'm able to connect when the protocol is mqtt in the mosquitto.conf, only in case of websockets is where I am facing the issue where my code throws an exception stating 
AuthenticationException: The remote certificate is invalid according to the validation procedure.
Previous Topic:Cannot (reconnect) to mosquitto after broker restarted
Next Topic:Please help. Can't connect with websocket and TLS
Goto Forum:
  


Current Time: Sat Jul 05 00:34:39 EDT 2025

Powered by FUDForum. Page generated in 0.05058 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly