I'm trying to connect a Mosquitto bridge to the broker with SSL. I've prepared the configuration based on these:
http://www.steves-internet-guide/mosquitto-tls/
http://www.steves-internet-guide/mosquitto-bridge-encryption/
When I disable SSL (remove certs from configs and change the port) it works fine. Furthermore, a test app that I wrote in nodeJS with the mqtt library connects to the broker over SSL without any problems (using the same ca.crt as the bridge). So it looks like there is something wrong in the bridge, but I don't know what, and the logs don't help.
MQTT broker config:
allow_anonymous true
listener 8883
protocol mqtt
cafile /mosquitto/certs/ca.crt
certfile /mosquitto/certs/server.crt
keyfile /mosquitto/certs/server.key
MQTT bridge config:
log_type all
allow_anonymous true
listener 1883 0.0.0.0
connection hub_to_cloud
address XXX.XXX.XX.XX:8884
bridge_cafile /mosquitto/certs/ca.crt
bridge_protocol_version mqttv311
try_private false
topic # both 0
docker-compose.yml:
version: "3.8"
services:
  nginx:
    image: nginx:alpine
    restart: always
    container_name: nginx-container
    ports:
      - 80:80
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf
      - ./nginx/logs:/var/log/nginx
    networks:
      - mqtt-net
    depends_on:
      - mosquitto
  mosquitto:
    image: eclipse-mosquitto:2
    container_name: mqtt-broker
    ports:
      - 1884:1883
      - 8884:8883
      - 9002:9001
    volumes:
      - ./mosquitto/config:/mosquitto/config
      - ./mosquitto/data:/mosquitto/data
      - ./mosquitto/log:/mosquitto/log
      - ./mosquitto/certs:/mosquitto/certs
    networks:
      - mqtt-net
networks:
  mqtt-net:
nginx.conf:
events {
    worker_connections 1024;
}
stream {
    error_log /var/log/nginx/error.log;
    upstream mqtt_broker {
        server mqtt-broker:8884;
    }
    server {
        listen 8884;
        proxy_pass mqtt_broker;
    }
}
And the only result from the bridge is:
Connecting bridge hub_to_cloud (XXX.XXX.XX.XX:8884)
asked Mar 7 at 16:03 by Paweł
1 Answer
Ok, I managed to resolve the problem. When I changed the image version to eclipse-mosquitto:latest it started to work fine. In this image there is mosquitto version 2.0.21, while in eclipse-mosquitto:2 mosquitto is in version 2.0.18 and it doesn't work.
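
An added example, not part of the original question or answer: a small audit of the two mosquitto.conf files posted in the question that reports, per listener and per bridge connection, whether TLS is configured and whether clients are authenticated. The function names are hypothetical, the configs are copied from the question as sample input, and it assumes per_listener_settings is not enabled, so allow_anonymous applies globally.

```python
# Sample input: the two configs from the question, embedded as strings.
BROKER_CONF = """allow_anonymous true
listener 8883
protocol mqtt
cafile /mosquitto/certs/ca.crt
certfile /mosquitto/certs/server.crt
keyfile /mosquitto/certs/server.key
"""
BRIDGE_CONF = """log_type all
allow_anonymous true
listener 1883 0.0.0.0
connection hub_to_cloud
address XXX.XXX.XX.XX:8884
bridge_cafile /mosquitto/certs/ca.crt
bridge_protocol_version mqttv311
try_private false
topic # both 0
"""

def parse(conf):
    """Return [(kind, name, options)] for the global, listener and connection sections."""
    sections = [("global", "", {})]
    for raw in conf.splitlines():
        key, _, value = raw.strip().partition(" ")
        if not key or key.startswith("#"):
            continue  # blank line or comment
        if key in ("listener", "connection"):
            sections.append((key, value.strip(), {}))
        else:
            sections[-1][2][key] = value.strip()
    return sections

def audit(conf):
    """Hypothetical helper: list TLS and authentication findings per section."""
    sections = parse(conf)
    # Assumption: per_listener_settings is off, so allow_anonymous is global.
    anonymous = any(o.get("allow_anonymous") == "true" for _, _, o in sections)
    findings = []
    for kind, name, opt in sections:
        if kind == "listener":
            tls = "certfile" in opt and "keyfile" in opt
            findings.append(f"listener {name}: {'TLS' if tls else 'plaintext'}")
            if anonymous and opt.get("require_certificate") != "true":
                findings.append(f"listener {name}: accepts unauthenticated clients")
        elif kind == "connection":
            tls = "bridge_cafile" in opt or "bridge_capath" in opt
            findings.append(f"bridge {name}: {'TLS' if tls else 'plaintext'} to {opt.get('address')}")
            if opt.get("bridge_insecure") == "true":
                findings.append(f"bridge {name}: server hostname check disabled")
    return findings
```

For the posted configs, audit() reports the 8883 listener as TLS but open to unauthenticated clients, and the hub_to_cloud bridge as TLS with the server hostname check left enabled.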
8884 so it would appear that the connection would be direct, and not via nginx?). "remove certs from configs and change the port" - why change the port? (please test over port 8884 without TLS). Is anything logged in the central broker log? – Brits Commented Mar 7 at 20:49