Secure connection to cloudmqtt from plugin

mqtt
Tags: #<Tag:0x00007f480e1263f0>

#1

I am trying to make a secure connection from the mqtt plugin to cloudmqtt. I can make an unsecure connection, so the basics are there, but looking at the code, in order to force tls I have to supply a certificate in client_cert:.

I have tried using the system file in /etc/ssl/certs/ca-certificates.crt, but that didn’t work and now I am out of ideas. Which file does it want?


#2

i know that @Odianosen25 uses that also, so i am sure that as soon as he can he will be here to help you.

i wouldnt even know where to start with this :wink:
i even use my mqtt without password :wink:


#3

@gpbenton,

Use it as ca_cert and not client_cert. Leave the others empty.

Regards


#4

Many thanks. That was the problem.

I do this on my network, but over the internet encryption is essential.

Theoretically, I can have one mqtt plugin to my local broker without encryption, and an encrypted one to cloudMQTT, but that is what I’m about to try next.


#5

@gpbenton,

I have that already. my AD is connected to 3 brokers.

  1. CloudMqtt with encryption

  2. Local Broker with just username and password

  3. Remote broker on the same network, without username and password

Theoretically, you can connect to as many brokers as you like. I use OwnTracks, which sends my data to CloudMqtt, and with an AD app, feeds it into a device_tracker component in HA; which is connected to a different Local broker. I then mix it with Andrew’s Home Monitor for home detection, which is also connected to my local broker.

So OwnTracks is used when not home, the other used when home for extra reliability.

Regards


#6

I was thinking of something like that - although I probably won’t use OwnTracks because of its reliance on Google Play Services (and the 02 network, which is down today :sob:).


#7

Uh? I don’t understand by reliance on Google Play Services.

Please can you educate me more on that?


#8

Its just something that those of us who are paranoid about Google try to avoid.


#9

Well I am paranoid abt Google and that was part of the reason i went with OwnTracks.

They made it clear that there is no need for any other service, and the level of control they give (especially with you then use the config file which is delm long), it looks very cool.

Though I use an iPhone anyway, and maybe mine is different for that reason.

if you not using OwnTracks, what other option that is MQTT based is there?

Regards


#10

Yes, I was referring to the Android app, Google Play Services is a library on Android.

I haven’t figured that out yet. ATM, the only use I can think of is to turn my heating on before I arrive home, and I am quite happy to do that manually through an MQTT client.

Long term, if I think of other uses, I might use something like Llama or Tasker to send MQTT message at the appropriate times. Or I might strip down the owntracks app and get rid of everything I don’t need.

But I need to think what I need it for before bothering to go much further.