[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
[mosquitto-dev] Can't get Mosquitto working with TLS on Raspberry Pi
|
Hello,
I have installed Mosquitto on a brand new Raspberry Pi. OS is Raspbian.
I followed the instructions on the Owntracks website
(http://owntracks.org/booklet/guide/broker/).
The broker is listening on port 1883 on localhost. Using a username and
password I can run mosquitto_sub in one ssh session to the Pi, and
receive messages sent by mosquitto_pub from another ssh session.
The broker is also listening on port 8883. I created certificates using
the script in the Owntracks repository
(https://github.com/owntracks/tools/blob/master/TLS/generate-CA.sh).
When I run mosquitto_pub on the Pi, using the hostname or IP-address I
get an error "Error: Connection refused". When I use localhost or
127.0.0.1 the error is "A TLS error occurred.".
If I run mosquitto_pub on my desktop computer (which is in the same LAN
as the Pi), the error is "Connection refused". The command I run here is
mosquitto_pub -t owntracks/test -m Test -h pi1 --cafile ca.crt
where pi1 is the hostname of the Pi running the broker. The ca.crt file
is copied from the Pi to the desktop computer.
The Mosquitto log is not showing why the connections are refused.
This is the contents of /etc/mosquitto/mosquitto.conf:
--- start contents ---
# Place your local configuration in /etc/mosquitto/conf.d/
#
# A full description of the configuration file is at
# /usr/share/doc/mosquitto/examples/mosquitto.conf.example
pid_file /var/run/mosquitto.pid
persistence true
persistence_location /var/lib/mosquitto/
log_dest file /var/log/mosquitto/mosquitto.log
include_dir /etc/mosquitto/conf.d
--- end contents ---
And this is the contents of /etc/mosquitto/conf.d/local.conf:
--- start contents ---
persistence_file mosquitto.db
password_file /etc/mosquitto/passwd
log_dest syslog
log_dest stdout
log_dest topic
log_type error
log_type warning
log_type notice
log_type information
connection_messages true
allow_anonymous false
message_size_limit 1024
listener 1883 127.0.0.1
listener 8883
# tls_version tlsv1
cafile /etc/mosquitto/ca_certificates/ca.crt
certfile /etc/mosquitto/certs/pi1.crt
keyfile /etc/mosquitto/certs/pi1.key
require_certificate false
--- end contents ---
What is wrong in my setup?
Regards,
George