Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [mosquitto-dev] MQTT connection using opens s_client
  • From: Mikkel Kirkgaard Nielsen <miki@xxxxxxxxx>
  • Date: Mon, 2 Apr 2018 18:02:45 +0200
  • Autocrypt: addr=miki@xxxxxxxxx; keydata= xsBNBFMd83ABCADxxYghzMWmQsNfoyLaz0gKHiuj+ShYpE4CPtHt7SUZMQrLPwHGRq/fXksS u17Kg7PtQLkxRKOKhd9/UgtIuQbCoWwByPok78DgWglJh0KzxK7iSoUCEXlSf/kzaLNXiTZh UdCl0WMzkleRmAG/cpN91WpHPSOacQLlqUUF09T60R2BpPSLSkQDwvj48HU0t2LnoIMsqOnj CVg1Jtp2R7cxFuz1c4OEscKPMIEI4Xg6UWBfpF+dG6IFFZNZTTa0tFFkcOd3WoMfLUD92Crt gz5XOxNkWONps6eo51GN4H6UEff5Vi3Ym7CslW6PAW7eruPCL7JljPUbgfQXH1i2Mr7nABEB AAHNKk1pa2tlbCBLaXJrZ2FhcmQgTmllbHNlbiA8bWlraW5pQGZzZmUub3JnPsLAdwQTAQgA IQUCWnMkqgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRCdpbhVs2k0mpwyB/9Gozy0 00cpDTglN6/rrWyhDstsgyFcio03NG98nRN9rcMI5jQi+MXJAc7E+m4ndaeTMkkjloWqEv+g m4i/AabeViY8KPJmV2fkFEweXyOKeKG7s32j0lv14N0xE4egcIjtC81BNx3QRyZN2C7kv5sh L9joLcjA3RTQdIHq9HBmVoUcZZUQMtXA+aBtsb/cSmvkD4nWTqyY+8WmlT0JGHCpfifgAmKz ipBqFqWUFx4atwqEAHUHU4oWhwtlkYg4GkrhiClC0AD47YbjPGCx1tP3rwZfSRizfM9Uytkf Wi4UO5QT/PEwqHfG+8QveKnLmAlt3UH+dgjW9u2igqmAfCybzsBNBFMd83ABCADD9Xb47F3V 67iY9mMZRA3RYcswm5EZhj7LgEqu3iZcr5gkuq/+dYxf16HBTTAVpBECjVLP317BTZC5HC8h 5P5VHrA0ln6ItNNL0cJltDGsxQU+dYFh84WYaeMWh8ymr1dy/urNb7k5EqUM2B3pLGxW1KDN R/Y5vOfwjpVCSZgYnCrtu8i4tge2T9xLhMeQo+KTCRECPgZkh3YfJWfmWDp/A5kIetMmYsTE y60Zk338LnQLKdmxeEDFz2sICxRoZtJ1CN1U9qrTnXEcUU/OBjY72G4xh8RH/w5ToYoXE6rZ DR3RiDbD5xwVhYPjt7Zt3tmfMAkBZQDXx/PS1onzRVHjABEBAAHCwF8EGAECAAkFAlMd83AC GwwACgkQnaW4VbNpNJoZowf/e3hYARIpLmy2xcs7gU8rvoX7Mvf4bakt8s8u4lQ2q6KonEWO WMIENG6TaeRyjInzolAzTe5DPEIMWD8toI/bxNeA5/Cb24Op+4kgKgfMWfsX1+VOPS0H7RM3 53ODGBfEPy0Bytu448OiNOsEGI/EYL7UD95pvFT3hrdmya+kwXN5LeI2Y7O6f19F0WX4L4l+ 09k+KgS1wu+pMVYkGEI3akFzEr5ovwZwX/T57zFQf3NfMQ+8Pw29Yx5pDdlBvbe/14QcvNY5 aGo2M8d6zoRBogbAtb8FQ9GZIFA5LvZBsi9YpAFF+2Jd8p7lEmRKeHVh2DzJQjeyiXJdP4eK uskx/Q==
  • Delivered-to: mosquitto-dev@xxxxxxxxxxx
  • List-archive: <>
  • List-help: <>
  • List-subscribe: <>, <>
  • List-unsubscribe: <>, <>
  • Openpgp: preference=signencrypt
  • User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0

Hi Praveen.

On 2018-03-31 00:43, Praveen Badsheshi wrote:
> This question seems to be a silly question, but I would like to know if

A bit silly yes, but also technically interesting.

> it is possible to connect to MQTT broker using openssl s_client ?
> Idea is, I do not want to connect using mosquitto_connect. So I am
> looking for any other option to establish the MQTT connection.

You don't disclose the intention behind doing this. This makes it a bit
hard to advise properly. What do you want to achieve by not being
dependent on libmosquitto's mosquitto_connect()?
Are you testing broker connectivity and intend just to make a TCP
connection to reach the broker, or do you actually need to create a MQTT
session on the broker and maybe even use it afterwards?

The first is easily achived by using plain telnet, netcat or openssl
s_client without sending any data. Depending on the broker's logging
capabilities and level you'll probably see a log error message saying
that a client attempted to connect but didn't adhere to the MQTT protocol.

Using netcat:
$ nc -z localhost 1883

The Mosquitto broker on localhost 1883 configured with "log_type debug"
will emit in its "log_dest file" log:

1522681207: New connection from on port 1883.
1522681207: Socket error on client <unknown>, disconnecting.

Taking it a bit further as MQTT is a binary protocol you'll need some
fiddling to actually talk to the broker on the command line. It is not
as straight forward as HTTP/SMTP and other text oriented protocols.

Establishing the first interaction between a client and broker, ie.
client sending the CONNECT control packet[1] and receiving a CONNACK[2]
reply, can be done on the command line as follows using netcat. This is
again to an unencrypted broker, the client identifying itself with
ClientId "a" asking for CleanSession=0.

$ echo -en "\x10\x0d\x00\x04MQTT\x04\x00\x00\x00\x00\x01a" |nc localhost
00000000  20 02 01 00                                       | ...|

Request and reply being binary it is not obvious to see what is going on
unless you are familiar with the details of the protocol (for starters,
first byte indicates control packet type, where 0x10 in request is
CONNECT, 0x20 in reply is CONNACK).

Mosquitto broker log from this exchange, showing the broker accepting
the "a" client:
1522681274: New connection from on port 1883.
1522681274: Client a disconnected.
1522681274: New client connected from as a (c0, k0).
1522681274: Sending CONNACK to a (1, 0)
1522681274: Socket error on client a, disconnecting.

This can also be done on encrypted endpoints using openssl s_client
(somehow s_client stdout doesn't behave well when piped, so redirect to
tempfile, and s_client needs to be manually terminated using ctrl-c):

$ echo -en "\x10\x0d\x00\x04MQTT\x04\x00\x00\x00\x00\x01a" |openssl
s_client -quiet -connect >out
depth=1 C = GB, ST = United Kingdom, L = Derby, O = Mosquitto, OU = CA,
CN =, emailAddress = roger@xxxxxxxxxx
verify error:num=19:self signed certificate in certificate chain

$ hd out
00000000  20 02 01 00                                       | ...|

Hope this was helpful,


Attachment: signature.asc
Description: OpenPGP digital signature

Back to the top