How to Mosquitto Bridge with MyQtthub TLS


#1

1. Introduction

The following article explains how to connect your Mosquitto broker to MyQttHub with a bridge so messages sent to your MyQttHuB will be sent to your mosquitto and viceversa.

The article provides the general configuration you must follow but possibly you will have to tailor it to better fit your needs.

2. Make sure you have an updated Mosquitto

Make sure you have an updated mosquitto server installed in your system that provides support for “remote_clientid”. Also make sure you have an OpenSSL installed with latest public certificates located at /etc/ssl/certs.

Certainly it is possible to connect Mosquitto to MyQttHub as a bridge using insecure protocol (mqtt without TLS) but it is highly not recommended.

3. Make sure you create specific credentials for your Mosquitto server

  1. If you do not have them, use the following article to create a device that represents your mosquitto server connection:

    How to create and manage your MQTT devices with MyQttHub.com

  2. It does not have to be admin device. It must be active.

  3. Jot down those credentials (clientId, userName and password), you will use them on next sections.

4. Configuring your Mosquitto server to bridge with MyQttHub

Assuming you already have mosquitto installed in your system, follow these steps:

  1. Open /etc/mosquitto/mosquitto.conf and add the following general indications (before any call to include_dir):

    # External MQTT Broker: MyQttHub
    connection node02.myqtthub.com
    
    # Connect to standard TLS MQTT port
    address node02.myqtthub.com:8883
    
    # Ensure mosquitto finds certificates to validate public ones
    bridge_capath /etc/ssl/certs
    
    # Connect everything both sides
    topic # both
    
    # configure credentials to authenticate (the ones created previous)
    remote_clientid  <put-here-client-id>
    remote_username <put-here-user-name>
    remote_password <password>
    

5. Now restart and check logs

  1. After everything is configured, restart your mosquitto, which, depending on your OS, should be something like:

     # systems with systemd
     >> systemctl restart mosquitto 
     # systems with upstart
     >> service mosquitto restart
     # systems with init.d sysV
     >> /etc/init.d/mosquitto restart
    
  2. After that you should see something like the following in your logs (in particular, you should receive a CONNACK):

     >> tail -f /var/log/mosquitto/mosquitto.log
     593017815: Bridge local.<your-client-id-will-appear-here> doing local SUBSCRIBE on topic #
     1593017815: Connecting bridge (step 1) node02.myqtthub.com (node02.myqtthub.com:8883)
     1593017816: Connecting bridge (step 2) node02.myqtthub.com (node02.myqtthub.com:8883)
     1593017816: Bridge <your-client-id-will-appear-here> sending CONNECT
     1593017816: Received CONNACK on connection local.<your-client-id-will-appear-here>.
     1593017816: Bridge local.<your-client-id-will-appear-here> sending SUBSCRIBE (Mid: 2, Topic: #, QoS: 0, Options: 0x00)
    
  3. At the same time, if you go to “Connected Device”:

    image

  4. …click on “Connected Devices”:

    image

  5. …you should see your mosquitto device, with a bridge indication:


Is it possible to configure a bridge with local mosquitto?
MyQttHub EN -- Start here