[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [mosquitto-dev] declare two listeners
|
----- Original Message -----
> From: "Leandro" <ingrogger@xxxxxxxxx>
> To: "General development discussions for the mosquitto project" <mosquitto-dev@xxxxxxxxxxx>
> Sent: Wednesday, 16 May, 2018 21:12:23
> Subject: [mosquitto-dev] declare two listeners
>
> Hi guys , so far can not get two listeners working properly.
> 1st_ I would like my listener at port 8884 , working without ssl.
> 2nd_ I would like my second listener at port 5002 working with ssl and
> acl plugin.
>
> 1st listener doesn`t work.
> when trying to subscribe , broker returns:
>
> [root@ip-172-31-38-56 ~]# mosquitto_sub -t activation/rtu_b827eb8ec0c3
> -p 8884
> Connection Refused: not authorised.
>
> 2nd listener works as expected.
> mosquitto_pub -h mqtt.control.com.ar -p 5002 -t
> activation/rtu_b827eb8ec0c3 -m "comando2" -u ssl_user -P 1234 -i
> ssl_user --cafile ./all-ca.crt -d
>
> mosquitto_sub -h mqtt.control.com.ar -p 5002 -t
> activation/rtu_b827eb8ec0c3 -u b827eb8ec0c3 -P pwd_b827eb8ec0c3 -i
> b827eb8ec0c3 --cafile ./all-ca.crt
> comando2
>
>
> ######################################following my conf file:
>
> port 8884
>
> listener 5002
> pid_file /var/run/mosquitto.pid
> persistence true
> persistence_location /var/lib/mosquitto/
> log_dest syslog
> log_facility 7
> log_dest file /var/log/mosquitto.log
> log_timestamp false
> log_type debug
> include_dir /etc/mosquitto/conf.d
> allow_anonymous false
> cafile /etc/mosquitto/certs/all-ca.crt
> keyfile /etc/mosquitto/certs/server.key
> certfile /etc/mosquitto/certs/server.crt
> auth_plugin /etc/mosquitto/auth-plug.so
> auth_opt_backends mysql
> auth_opt_host localhost
> auth_opt_port 3306
> auth_opt_dbname mosquitto_db
> auth_opt_user mosquitto_user
> auth_opt_pass mosquiTTo_2017
> auth_opt_userquery SELECT pw FROM users WHERE username = '%s'
> auth_opt_superquery SELECT IFNULL(COUNT(*), 0) FROM users WHERE username
> = '%s' AND super = 1
> auth_opt_aclquery SELECT topic FROM acls WHERE username = '%s'
You can't make different listeners have different ACL mechanisms. If you want that, perhaps run two Mosquittos and bridge them? Or there are probably other methods to achieve what you need to do.