Configure Mosquitto to use a Commercial Certificate for SSL

There are three main ways of obtaining SSL certificates but purchasing a commercial certificate from a provider is probably the most popular option. When you do this you will be provided with a collection of files. In this tutorial we look at using the certificates provided by Thawte to configure a mosquitto broker to use SSL. We will be configuring the broker to support MQTT+SSL and also MQTT+websockets +SSL

Continue reading

Tips for Testing The Mosquitto Broker on Linux

I get to setup mosquitto in lots of different configurations for my tutorials and for helping people with their setup problems as well as clients. As I get lots of questions regarding setup problems I thought it would be useful to take you through my setup configuration and procedures.

Continue reading

Using A Lets Encrypt Certificate on Mosquitto

If you are running MQTT on a closed network then creating and using your own certificates as explained in Creating and Using Client Certificates with MQTT and Mosquitto is  perfectly fine. However if you require public access to the broker over SSL and in particular over websockets and SSL then using a public certificate like let’s encrypt has advantages.

Continue reading

Using the Mosquitto_ctrl Tool

The Mosquitto_ctrl tool was introduced with mosquitto v2 and is used for dynamically making user and ACL changes on a mosquitto broker. To use it the target broker needs to have the dynamic security plugin enabled. The tool is effectively a modified mosquitto publish client and if you subscribe to the $CONTROL topic you can see the messages that it publishes (example shown below).

Continue reading

Understanding and Using the Mosquitto Dynamic Security Plugin

The dynamic security plugin can be used instead of the password file and the ACL (Access Control list) . Mosquitto Username and Password Authentication -Configuration and Testing Mosquitto ACL -Configuring and Testing MQTT Topic Restrictions The plugin is available in mosquitto v2 but it is not enabled by default.

Continue reading

How to Install The Mosquitto MQTT Broker on Linux

In this tutorial we will look at how you install and run the mosquitto MQTT broker on a Linux server running for example Raspberry Pi or Ubuntu. Here are the steps I used on Ubuntu. sudo apt-add-repository ppa:mosquitto-dev/mosquitto-ppa sudo apt-get update sudo apt-get install mosquitto sudo apt-get install mosquitto-clients sudo apt clean For Raspberry Pi the instructions are taken from  here: wget http://repo.mosquitto.org/debian/mosquitto-repo.gpg.key sudo apt-key add mosquitto-repo.gpg.key Then make the repository available : cd /etc/apt/sources.list.d/ Then , depending on which version of debian you are using: sudo wget http://repo.mosquitto.org/debian/mosquitto-jessie.list sudo wget http://repo.mosquitto.org/debian/mosquitto-stretch.list sudo wget http://repo.mosquitto.org/debian/mosquitto-buster.list Then update apt information: sudo

Continue reading

Configure a Mosquitto Bridge With SSL Encryption

It is very likely that a bridged connection between two brokers will be encrypted. The Mosquitto broker (server) provides two methods of using SSL encryption on a bridged connection Certificate encryption PSK encryption In this tutorial we will be configuring a secure bridged connection using both methods. If you are new to certificates then you should read this tutorial on SSL encryption and certificates before continuing.

Continue reading