I’m trying and searching the web since hours but I just can’t get the MQTT Broker on my Home Assistant (on Raspberry Pi) to work with SSL.
I want to use my Meross plug via MQTT and found some instructions on how to configure everything but I always get errors in the Broker Log.
Im currently using this config:
certfile: server.crt customize: active: false folder: mosquitto keyfile: server.key logins: - username: mqtt password: XXX require_certificate: false cafile: ca.crt allow_anonymous: true
Even though, I disabled ports 1883 and 1884, is seems like it is still opening those ports for listening:
1643380355: Opening ipv4 listen socket on port 1883. 1643380355: Opening ipv6 listen socket on port 1883. 1643380355: Opening websockets listen socket on port 1884. 1643380355: Opening ipv4 listen socket on port 8883. 1643380355: Opening ipv6 listen socket on port 8883. 1643380355: Opening websockets listen socket on port 8884. 1643380355: Warning: Mosquitto should not be run as root/administrator. 1643380355: mosquitto version 1.6.12 running 1643380355: New connection from 127.0.0.1 on port 1883. 1643380355: Socket error on client <unknown>, disconnecting. 1643380362: New connection from 172.XX.XX.XX on port 1883. 1643380362: New client connected from 172.30.XX.XX as 2dnxclbggAx2SYZqR6z2vS (p2, c1, k60, u'mqtt').
For testing, I just tried to connect the Mosquitto Broker Integretion with port 8883 but this is not working and also not appearing in the logs.
I created the certificates as described in this post:
I also tried to use a custom mosquitto.conf
log_type all log_dest stdout listener 8883 use_username_as_clientid true allow_anonymous true require_certificate false # replace with your CA Root cafile /ssl/ca.crt # replace with your server certificate and key paths certfile /ssl/server.crt keyfile /ssl/server.key
This is always leading to the following errors:
[15:37:45] INFO: Starting mosquitto MQTT broker... 1643380665: Loading config file /share/mosquitto/mosquitto.conf 1643380665: mosquitto version 1.6.12 starting 1643380665: |-- *** auth-plug: startup 1643380665: Config loaded from /etc/mosquitto/mosquitto.conf. 1643380665: Loading plugin: /usr/share/mosquitto/auth-plug.so 1643380665: ├── Username/password checking enabled. 1643380665: ├── TLS-PSK checking enabled. 1643380665: └── Extended authentication not enabled. 1643380665: Opening ipv4 listen socket on port 8883. 1643380665: Opening ipv6 listen socket on port 8883. 1643380665: Opening ipv4 listen socket on port 1883. 1643380665: Opening ipv6 listen socket on port 1883. 1643380665: Opening websockets listen socket on port 1884. 1643380665: Opening ipv4 listen socket on port 8883. **1643380665: Error: Address in use**
Earlier, I had errors like wrong version for the certificate. This is not appearing anymore but I still can’t get the MQTT to work properly.
Maybe someone has some experience with this or can give me a hint.