MQTT - secure setup?

I am using the addon in Hassio for MQTT.

In the documentation the warning states to disable anonymous: and set logins:
When not doing so, I get a warning in the MQTT-log saying:
mqtt1

When following the documentation recommendation, I am getting these error messages:

Could someone please tell me how to set up MQTT to maintain security?

MQTT or Mosquitto?

Mosquitto can use client certs but I’m not certain they’re implemented in HA. You can for stuff like Owntracks over MQTT. In all honesty if they’re on the LAN you don’t really need that level of security (if someone is on your network snooping your traffic you have a bigger issue). You should be using at a minimum a user/pass combo that you set up when configuring Mosquitto.

What’s in your configuration.yaml?

Mine looks like this:

# MQTT
mqtt:
  broker: core-mosquitto
  username: !secret mqtt_user_name
  password: !secret mqtt_password

where username and password are as configured in the broker addon

{
  "plain": true,
  "ssl": false,
  "anonymous": false,
  "logins": [
    {
      "username": "xxxxxx",
      "password": "xxxxxx"
    }
  ],
  "customize": {
    "active": false,
    "folder": "mosquitto"
  },
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem"
}
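An added example, not part of any post in this thread and not Home Assistant or add-on code: a Python check of add-on options shaped like the JSON above, together with the credentials the Home Assistant `mqtt:` client would send. The function name, the sample credentials, and the reading of `plain` and `ssl` as the unencrypted and TLS listeners are assumptions.

```python
import json

# Constructed sample mirroring the add-on options shown in the thread;
# the credentials are made-up placeholders.
SAMPLE_OPTIONS = json.loads("""
{
  "plain": true, "ssl": false, "anonymous": false,
  "logins": [{"username": "ha_client", "password": "s3cret-example"}],
  "certfile": "fullchain.pem", "keyfile": "privkey.pem"
}
""")


def audit_options(options, client_user, client_password):
    """Return findings for the broker options and the client's credentials."""
    findings = []
    logins = options.get("logins") or []

    # A missing key is treated like "true": only an explicit false passes.
    if options.get("anonymous") is not False:
        findings.append("anonymous is not set to false: clients may connect without credentials")
    if not logins:
        findings.append("no logins defined: no client can authenticate with a username and password")

    for i, entry in enumerate(logins):
        user, pw = entry.get("username", ""), entry.get("password", "")
        if not user.strip() or not pw:
            findings.append(f"logins[{i}] has an empty username or password")
        elif user != user.strip() or pw != pw.strip():
            findings.append(f"logins[{i}] has leading or trailing whitespace")

    # The comparison is exact and case-sensitive, so a single typo is reported.
    if not any(e.get("username") == client_user and e.get("password") == client_password
               for e in logins):
        findings.append("client credentials do not exactly match any broker login")

    # MQTT sends username and password in the CONNECT packet; without TLS they are readable.
    if options.get("plain") and not options.get("ssl"):
        findings.append("only the plain listener is enabled: credentials cross the network unencrypted")
    return findings


if __name__ == "__main__":
    for finding in audit_options(SAMPLE_OPTIONS, "ha_clinet", "s3cret-example"):
        print("-", finding)
```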

It was a user-keyboard interface error.

Meaning my bad, since I obviously can’t write the simplest things.
