Right now i’m using the free version of HiveMQ cloud. For my device to connect i need the RootCA, client certificate and client key.
I’m using the root CA from here.
This thread contains a list of frequently asked questions about HiveMQ Cloud
Can I use Websockets with HiveMQ Cloud?As of July 15th HiveMQ Cloud does support Websockets as well.
My device requires a server CA file to connect via TLS. How can I generate this for my HiveMQ Cloud instance?You can download the root certificate <a href="https://letsencrypt.org/certs/isrgrootx1.pem">here</a>.
This will create a file called “isrgrootx1.pem”, which you can use as “Server Certicia…
But then the Client cert and key.
I found how to create them.
openssl req -x509 -newkey rsa:2048 -keyout mqtt-client-key.pem -out mqtt-client-cert.pem -days 360
But don’t they need to be signed?
we use the command that you send but we did need to create other server.pem because in the test we erase de server 4ad85… the result is the same .
i think that my device needs the other files (deviceWise of telit).i did try to upgrade the cluster to standar version to look if i have more options to change this configuration with TLS but support have issues with the purchase
Is there a way to connect without username and password? My device only uses the certificates and key for authentication.
Great that you are interested in HiveMQ and MQTT!
Client cert and key:
openssl req -x509 -newkey rsa:2048 -keyout $clientKeyName.pem -out $clientCertName.pem -days 360 -passout pass:$clientKeyPass -subj "/CN=$clientName"
Connect without username using MQTT CLI:
# start MQTT CLI in shell mode:
# from the shell mode of MQTT CLI send connect and check verbose debug output:
con -h $hostname -p $port --cafile server.pem --cert clientCert.pem --key clientKey.pem --debug --verbose <<<password
Dasha from HiveMQ team
Thank you for your response.
It still doens’t work unfortunately.
I am getting the following:
unable to read encrypted data: 1.2.840.1135220.127.116.11 not available: Cannot find any provider supporting 1.2.840.113549.3.7)
I not sure how this will work with my device. Since i cannot configure any password in my device.
For a user of HiveMQ Cloud Free account, the only way to connect to the broker is to use authentication with username and password (and cafile if that is needed on the device).
There is no way to get connection working with client certificate and client key only, without username and password. Since the HiveMQ Cloud broker doesn’t contain the client’s certificate in the broker truststore.
Sorry that your device couldn’t work with our cloud broker. For my information, what is the device that you are working on?
Dasha from HiveMQ team
No worries. I just have to find another solution.
I was wondering if, it was possible with a paid subscription.
FYI, my device is a FOX3 from Lantronix.
Anyway thank you for the info.
To have a custom authentication would be only possible with Dedicated
HiveMQ Cloud Broker. And, in case if the broker is self-hosted, then with an Enterprise HiveMQ Broker license via HiveMQ Enterprise Security Extension.
You are welcome!,
Dasha form HiveMQ Team