tls bridging: How to enable TLS and avoid looping msg #1533
-
Hello, I'm running 2 nanoMQ Servers, a local one (windows server) and a remote one (ubuntu server) - both 0.20. This configuration seems to be working, with mqtt-explorer i can connect to the server as expected and send / receive data. So, for the local one, I tried various configurations, none seems to work. According to the documentation, to use tls-encrypted connection, I have to provide "tls+mqtt-tcp://hostname:port" as server name. When I'm doing this, the mqtt server doesnt start anymore, just showing the error message:
Any Idea whats wrong there? Configuration looks like:
|
Beta Was this translation helpful? Give feedback.
Replies: 5 comments
-
Most likely is the version of NanoMQ you are using is not TLS enabled. Please be aware that MbedTLS is not enabled by default. ALso, it is not enabled in Alpine docker release. |
Beta Was this translation helpful? Give feedback.
-
Ah, that may be possible. Just running on the default binaries available for Windows. So guess I either have to compile it myself then, or switch to a unix Version for the side-local mqtt as well. Will try today and tomorrow, and if sucessfull post some details on how to get tls running. Also had some issues with the letsencrypt certificate, but was able to solve these by modifying the pem-files. |
Beta Was this translation helpful? Give feedback.
-
Ok, so I setup a local unix based nanomq and got the bridge working. So, (important) Configuration overall is now on the remote server:
and for the local one:
And for those using a letsencrypt certificate, heres a little hint: The fullchain.pem contains three certificates. Now I just have to figure out, how to keep a topic that could be modified on both brokers in sync at best. Is there a configuration to have either mqtt avoid forwarding the message, if it has been received from the other mqtt-broker? |
Beta Was this translation helpful? Give feedback.
-
Hi bro, happy to see you figured it out by yourself. Windows hasn't get much attention from me, although I assume the basic feature set of NanoMQ shall be compatible with POSIX in Win. As for the looping msg. You need a remote MQTT V5 broker Just use MQTTV5 NO LOCAL (https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901164). To be specifically, set |
Beta Was this translation helpful? Give feedback.
-
Thx for your information about MQTTV5 NO LOCAL - that indeed did the trick 👍 |
Beta Was this translation helpful? Give feedback.
Hi bro, happy to see you figured it out by yourself. Windows hasn't get much attention from me, although I assume the basic feature set of NanoMQ shall be compatible with POSIX in Win.
As for the looping msg. You need a remote MQTT V5 broker Just use MQTTV5 NO LOCAL (https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901164). To be specifically, set
proto_ver = 5
, and Nano will enable No Local automatically. Then Remote Broker will filter those msg send by nanomq itself.