HiveMQ

Bridge Mosquitto to HiveMQ Cloud

Guys - hope someone can help point me in the right direction.

I have been a long term user of Mosquitto onprem, and want to bridge to HiveMQ Cloud (free).

I have googled and spend several hours playing with mosquitto.conf settings but cannot get HiveMQ messages to bridge down to the onprem Mosquitto.

Mosquitto shows ““Bridge Mosquitto sending CONNECT”… closely followed by " Client local. Mosquitto closed its connection”.

All 56 local mqtt devices work perfectly with Mosquitto and I have three test devices in HiveMQ cloud working fine. I can brown with MQTT Explorer to both brokers and all is working as expected.

I can only assume its something to do with TLS and lack of cert on the local Mosquitto that si wrong but cannot find any means to get capfile for the connection.

Any ideas?

Many thanks for your time.

Hi @BestGear,

A typical pitfall, when trying to bridge mosquitto to HiveMQ is that you have to have the following setting in your mosquitto.conf

try_private false

HiveMQ does not support mosquitto’s proprietary bridging protocol and therefore you need to make sure that the mosquitto acts as a regular MQTT client.

In regards to the CA file:
You should not need a CA file, as the certificates for HiveMQ cloud are signed by a trusted CA.
It’s of course entirely possible that an older system might not have the CA included that we are using.
In this case you can simply created a CA file for yourself, using the openssl s_client

openssl s_client -connect <YOUR-URL>:8883 -showcerts < /dev/null 2> /dev/null | sed -n '/BEGIN/,/END/p' > server.pem

This will create a file called server.pem, which can be used as the CAfile for mosquitto.

Regards,
Florian from the HiveMQ Team.

Thank you Florian for the quick reply.

I have checked, and already had try_private false set.

Can I view logs somewhere on HiveMQ to see what errors it is seeing?

I have not ventured near certs based on what you said previously.

I have attached the only (recurring) mosquitto error that I am seeing…

Could this mean that the connection is actually ok, but the topic is set wrongly? (currently topic # in 0 in mosquitto.conf).

David

Hi

Still no joy here.

Can I just confirm that the free HiveMQ does support a bridge?

I have installed mosquitto now on RPi… (was on Windows) and still no joy.

I can connect to HiveMQ from the same device using MQTT explorer for example without error using the same credentials.

See attached error.

My gut feel is that either bridge_capath or bridge_cafile is required.

David

Hi

Added a cert using your openssl approach above… still no joy…

DOH!

Hi BestGear,
where di you install your mosquitto ? on a synology ? i may need the same …

Hi

Installed Mosquitto on Windows 10 as well as RPi… same error from both platforms.

I have been playing with certs and stuck with a “certificate verify fail” error.

See attached image below.

My only remaining try is to rehash the cert - which I have read may be an issue - which is weird as the cert does verify correctly when using one of the many online cert validators.

Note that I have insecure mode set - which I understood told Mosquitto to ignore an invalid cert (ie the host name does not match the cert … and HiveMQ is a wildcard cert from what I see).

I have not been able to even verify if the free HiveMQ product supports bridges!

Next idea… install HiveMQ locally… see if that works.

David