How to configure serverHost, serverPort & sslConfig to connect by SSL to 8883?

Having read some docs and all examples I could find, I do not see a very simple example of connecting by SSL to 8883. It was very simple to create the Android client to connect to the broker at mosquito.org, port 1883. But using credentials that I generated there, when trying to connect to port 8883 fails and this log message is seen:
MacAddressUtil com.example.tryhive W Failed to find a usable hardware address from the network interfaces; using random bytes: f4:51:aa:f9:c6:c8:9d:fa

I am just following simple examples for client creation:

mqttClient = MqttClient.builder()
.useMqttVersion3()
.identifier(“MyID”)
.serverHost("test.mosquitto…
.serverPort(8883)
.sslConfig()
.keyManagerFactory(managers.kmf)
.trustManagerFactory(managers.tmf)
.applySslConfig()
.buildAsync()

The key manager and trust manager factories, built with the credentials created at mosquito.org work to make a TLS connection using the Paho MqttAndroidClient in a different Android app - should I post those here as well anyway?

I tried to use a similar serverHost as done with Paho client:

.serverHost("ssl://test.mosquitto…
.serverPort(8883)

But that results in an exception being thrown in Netty.

Please share any sample code that works for you or lessons you learned wrt this using HiveMQ yourself.

FYI: I was disallowed to post as a new user because of having more than “two links”, so I truncated with ellipses this:
.serverHost(“test.mosquitto.org”)
and this:
.serverHost(“ssl://test.mosquitt.org”)

Also interesting to note is that when I first ran the non-secure client, I inadvertently left in the uri used with Paho Client, so this:
.serverHost(“tcp://test.mosquitto.org”)
.serverPort(1883)

And that as well caused the connection to fail with the same MacAddressUtil log above:
MacAddressUtil com.example.tryhive W Failed to find a usable hardware address from the network interfaces; using random bytes: f4:51:aa:f9:c6:c8:9d:fa

That is why I didn’t clutter this post with the code that creates the Key and Trust Manager Factories passed to the sslConfig() - it seems that the error is somewhere else.

To note: there are 14 pages of results for “HiveMQ client” at stackoverflow and I have scanned them all, reading very many, to no avail.

Suspecting an issue in Netty, I’ve tried using their latest release to no avail:

dependencies {
    implementation 'com.hivemq:hivemq-mqtt-client:1.3.0'
    implementation(platform("io.netty:netty-bom:4.1.85.Final"))

Still no connection by SSL to 8883 :-{

Still cannot connect with HiveMQ client to any mosquitto secure ports: 8883, 8884, or 8885.

So I tried to go in through the websocket interface with this:

    implementation 'com.hivemq:hivemq-mqtt-client-websocket:1.3.0'

and of course adding to the MqttClient.builder():

.webSocketWithDefaultConfig()

Then it connects without .sslConfig() to mosquitoo port 8080
But then enabling SSL, connections fail to ports 8081, 8090 & 8091

I know that this seems to point more to an error in my implementation of the KeyManagerFactory and/or the TrustManagerFactory, but the identical code to build them is used in an app that uses the Paho client, and secure connection succeeds.

Hi @scott ,

It is great to see your interest in MQTT and HiveMQ, welcome to the community!

Have you already tried out the example illustrating how to connect test.mosquitto.org with and without TLS, with and without certificates? For the instructions on how to prepare necessary certificates please refer to the README.

I hope this helps
Kind regards,
Dasha from HiveMQ team