1. MQTT server uses the same certificates as the web server. By default self-signed certificate is used. You can upload your own private key and certificate in System config > Services > HTTP SSL certificate.
2. We do not provide instructions on how to obtain SSH access. We do not provide support if any changes have been made to the system via SSH.
09.04.2024, 11:43 (This post was last modified: 09.04.2024, 11:54 by j4jayesh.)
(09.04.2024, 11:25)admin Wrote: 1. MQTT server uses the same certificates as the web server. By default self-signed certificate is used. You can upload your own private key and certificate in System config > Services > HTTP SSL certificate.
2. We do not provide instructions on how to obtain SSH access. We do not provide support if any changes have been made to the system via SSH.
Thanks for your prompt response. I understand & respect policy on SSH.
(09.04.2024, 11:25)admin Wrote: 1. MQTT server uses the same certificates as the web server. By default self-signed certificate is used. You can upload your own private key and certificate in System config > Services > HTTP SSL certificate.
2. We do not provide instructions on how to obtain SSH access. We do not provide support if any changes have been made to the system via SSH.
I use SSL Certificate app from LM app store and it works fine for Web server. How do I access those certificates to paste in System config > Services > HTTP SSL certificate, please?
(09.04.2024, 11:25)admin Wrote: 1. MQTT server uses the same certificates as the web server. By default self-signed certificate is used. You can upload your own private key and certificate in System config > Services > HTTP SSL certificate.
2. We do not provide instructions on how to obtain SSH access. We do not provide support if any changes have been made to the system via SSH.
Thanks for your prompt response. I understand & respect policy on SSH.
(09.04.2024, 11:25)admin Wrote: 1. MQTT server uses the same certificates as the web server. By default self-signed certificate is used. You can upload your own private key and certificate in System config > Services > HTTP SSL certificate.
2. We do not provide instructions on how to obtain SSH access. We do not provide support if any changes have been made to the system via SSH.
I use SSL Certificate app from LM app store and it works fine for Web server. How do I access those certificates to paste in System config > Services > HTTP SSL certificate, please?
I have uploaded my own certificates and it is working fine for Web server.
However I face following issues for mqtt
1) I received ca_bundle.crt and certificate.crt files, private.key from CA. I converted .crt to .pem with command "openssl x509 -in ca_bundle.crt -out ca.pem -outform PEM"
2) Uploaded ca.pem via FTP to /data/ftp (screenshot attached)
3) made appropriate changes in mqtt client script (screenshot attached).
4) When script runs, it gives following error "invalid argument provided at line 90 (screenshot attached)
(09.04.2024, 13:24)admin Wrote: Upload to FTP root and make sure to use ftp login (not apps). For ftp user the root directory absolute path is /data/ftp/
Appreciated your prompt responses.
Now it gives protocol error (screenshot attached).
Am I supposed to give broker as dns name and not IP address? (screenshot attached).
If your certificate is bound to a domain name then you need to specify it instead of specifying an IP as the broker address.
You can add client.ON_LOG = log before client:login_set(...) for more verbose logging.
For testing purposes or when you are connecting locally you can use client:tls_insecure_set(true) instead of client:tls_set(...)
When connecting locally you can specify 127.0.0.1 as the broker address.
(10.04.2024, 07:43)admin Wrote: If your certificate is bound to a domain name then you need to specify it instead of specifying an IP as the broker address.
You can add client.ON_LOG = log before client:login_set(...) for more verbose logging.
For testing purposes or when you are connecting locally you can use client:tls_insecure_set(true) instead of client:tls_set(...)
When connecting locally you can specify 127.0.0.1 as the broker address.
You can add client.ON_LOG = log before client:login_set(...) for more verbose logging.
This is done. Please find attached screenshot. I tried with both IP and FQDN.
For testing purposes or when you are connecting locally you can use client:tls_insecure_set(true)
It works with client:tls_insecure_set(true). However, in our application it is required to use CA signed certificates (at-least for broker).
When connecting locally you can specify 127.0.0.1 as the broker address.
I tried the same and log is the same as attached screenshot.
