I have an ESP32 client that can connect to a mosquitto broker running on Ubuntu. The encryption uses a pre-shared key (PSK) with TLS.
I want to use PSK as it is simpler to deploy on my devices. I will use the same key on all my devices. It is also faster and less work for the ESP32 to use.
This works well with the standalone mosquitto broker. Now I would like to move this configuration to the Home Assistant MQTT add-on which is based on mosquitto. I have tried various configurations but have not been successful.
Does anyone have PSK working with the add-on? Could you share the configuration details?
I have configured the add-on to look for mosquitto.conf in the share/mosquitto folder and put various configurations in mosquitto.conf, but no luck so far.
Simpler would be to skip the encryption. I would only use encryption if I were running over the internet.
MQTT encryption is doable, but uncommon, especially on your own locally controlled subnet, because there is more to go wrong, and the most likely person it will lock out is you.
MQTT traffic is not something with a big risk as there are few if any passwords or secrets passed over it. Mostly light on, light off, low level stuff.
Yes, I agree, especially on my own network.
But I would like to install some sensors at remote locations and I feel the extra trouble is worth it. I will need to open port 8883 on my home router, so I will feel better with the extra security.
One problem with certificates is that they expire. Then they need to be renewed. So about every two years my sensors would stop working until I remembered to renew the certificates. The solution to this is to generate self-signed certificates with a very long expiration date. So far in the future I’ll never have to worry about it.
And even simpler is to use a pre-shared key, but there is very little information and few examples for getting this working with the MQTT add-on.
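
An added example, not code from any post in this thread or from the add-on: a Python sketch that writes a mosquitto `psk_file` (one `identity:hexkey` line per device) with an independent key per sensor, and audits an existing file for malformed lines, short keys and keys reused across identities. The device names, the 32-byte key size and the 16-byte minimum are assumptions chosen for illustration.

```python
import re
import secrets

# A mosquitto psk_file holds one "identity:hexkey" pair per line (hex, no 0x prefix).
PSK_LINE = re.compile(r"^([^:\s]+):([0-9a-fA-F]+)$")


def make_psk_file(device_ids, key_bytes=32):
    """Render psk_file text with an independent random key for each identity."""
    lines = []
    for ident in device_ids:
        if not re.fullmatch(r"[^:\s]+", ident):
            raise ValueError(f"invalid identity: {ident!r}")
        lines.append(f"{ident}:{secrets.token_hex(key_bytes)}")
    return "\n".join(lines) + "\n"


def audit_psk_file(text, min_key_bytes=16):
    """Return a list of (line_number, problem) findings for psk_file text."""
    findings = []
    ids_seen = set()
    key_owner = {}  # lowercased hex key -> first identity that used it
    for number, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        match = PSK_LINE.match(line.strip())
        if match is None:
            findings.append((number, "malformed line"))
            continue
        ident, key = match.group(1), match.group(2).lower()
        if len(key) % 2:
            findings.append((number, "odd number of hex digits"))
        elif len(key) // 2 < min_key_bytes:
            findings.append((number, "key shorter than minimum"))
        if ident in ids_seen:
            findings.append((number, "duplicate identity"))
        ids_seen.add(ident)
        if key in key_owner and key_owner[key] != ident:
            findings.append((number, f"key shared with {key_owner[key]}"))
        key_owner.setdefault(key, ident)
    return findings


# Constructed sample: two hypothetical sensors configured with one shared key.
SHARED = "porch-sensor:" + "ab" * 32 + "\nshed-sensor:" + "ab" * 32 + "\n"

if __name__ == "__main__":
    print(audit_psk_file(SHARED))
    print(audit_psk_file(make_psk_file(["porch-sensor", "shed-sensor"])))
```

With one key per identity, a lost or compromised sensor can be revoked by deleting its line instead of rekeying every device.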