Secure mosquitto bridge to HiveMQ Cloud

Hi,
I have been trying to create a secure mosquitto bridge to HiveMQ cloud using the following .conf file:

listener 1884
allow_anonymous true

connection hivemq
address broker.hivemq.com:8883
#bridge_cafile /server.pem
topic # both 0
bridge_protocol_version mqttv311
try_private false
notifications false
bridge_attempt_unsubscribe false
bridge_insecure true

but this connection is getting closed again and again:

1733822673: Warning: Bridge hivemq using insecure mode.
1733822673: mosquitto version 2.0.18 starting
1733822673: Config loaded from test1.conf.
1733822673: Opening ipv4 listen socket on port 1884.
1733822673: Opening ipv6 listen socket on port 1884.
1733822673: Bridge local.am62xx-evm.hivemq doing local SUBSCRIBE on topic #
1733822673: Connecting bridge (step 1) hivemq (broker.hivemq.com:8883)
1733822673: mosquitto version 2.0.18 running
1733822674: Connecting bridge (step 2) hivemq (broker.hivemq.com:8883)
1733822674: Bridge am62xx-evm.hivemq sending CONNECT
1733822674: Client local.am62xx-evm.hivemq closed its connection.
1733822681: Bridge local.am62xx-evm.hivemq doing local SUBSCRIBE on topic #
1733822681: Connecting bridge (step 1) hivemq (broker.hivemq.com:8883)
1733822681: Connecting bridge (step 2) hivemq (broker.hivemq.com:8883)
1733822681: Bridge am62xx-evm.hivemq sending CONNECT
1733822682: Client local.am62xx-evm.hivemq closed its connection.

Also, when I try to use the server.pem file by uncommenting #bridge_cafile /server.pem, I get the following:

1733822805: Warning: Bridge hivemq using insecure mode.
1733822805: mosquitto version 2.0.18 starting
1733822805: Config loaded from test1.conf.
1733822805: Opening ipv4 listen socket on port 1884.
1733822805: Opening ipv6 listen socket on port 1884.
1733822805: Bridge local.am62xx-evm.hivemq doing local SUBSCRIBE on topic #
1733822805: Connecting bridge (step 1) hivemq (broker.hivemq.com:8883)
1733822805: mosquitto version 2.0.18 running
1733822806: Connecting bridge (step 2) hivemq (broker.hivemq.com:8883)
1733822806: Bridge am62xx-evm.hivemq sending CONNECT
1733822807: OpenSSL Error[0]: error:0A000086:SSL routines::certificate verify failed
1733822807: Bad socket read/write on client local.am62xx-evm.hivemq: A TLS error occurred.

How can I resolve this issue?

Hello @divyansh2779

Welcome to the HiveMQ Community! Could you please clarify whether you’re trying to connect the Mosquitto bridge to the HiveMQ Cloud broker or the HiveMQ public broker?

Kind regards,
Diego from HiveMQ Team

It is the public HiveMQ broker I believe I am using, sorry for the error.
Can you please share a resolution with respect to broker.hivemq.com?

@divyansh2779

Make sure to download the Amazon Root CA 1 certificate at https://www.amazontrust.com/repository/AmazonRootCA1.pem and use it in the bridge_cafile parameter; sample below.

listener 1884
allow_anonymous true

connection hivemq
address broker.hivemq.com:8883
bridge_cafile /AmazonRootCA1.pem
topic # both 0
bridge_protocol_version mqttv311
try_private false
notifications false
bridge_attempt_unsubscribe false
bridge_insecure true

Kind regards,
Diego from HiveMQ Team
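
Added example (not part of the thread, and not HiveMQ or Mosquitto code): a small Python lint for the bridge configs posted above. It flags the settings that weaken the link: `bridge_insecure true`, a TLS port with no CA file, `topic # both` and `allow_anonymous true`. The rule set, function names and finding wording are this example's own assumptions, and it only recognises `bridge_cafile` and `bridge_capath` as CA sources.

```python
# Added example: lint a mosquitto bridge config for weak TLS and exposure settings.
# SAMPLE_CONF is the first config from the thread, embedded so this runs offline.
SAMPLE_CONF = """\
listener 1884
allow_anonymous true

connection hivemq
address broker.hivemq.com:8883
#bridge_cafile /server.pem
topic # both 0
bridge_protocol_version mqttv311
try_private false
notifications false
bridge_attempt_unsubscribe false
bridge_insecure true
"""

# mosquitto.conf: one of these must be set for certificate-based bridge TLS.
# Other TLS-related bridge options are not considered here (assumption).
CA_KEYS = {"bridge_cafile", "bridge_capath"}


def parse(text):
    """Yield (scope, key, value); scope is 'global' or the bridge name."""
    scope = "global"
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):  # blank line or commented-out option
            continue
        key, _, value = line.partition(" ")
        if key == "connection":               # starts a bridge section
            scope = value.strip()
        else:
            yield scope, key, value.strip()


def lint(text):
    """Return sorted 'scope: finding' strings for the config text."""
    opts = list(parse(text))
    has_ca = {scope for scope, key, _ in opts if key in CA_KEYS}
    findings = []
    for scope, key, value in opts:
        if (key, value) == ("allow_anonymous", "true"):
            findings.append(f"{scope}: allow_anonymous true accepts unauthenticated clients")
        elif (key, value) == ("bridge_insecure", "true"):
            findings.append(f"{scope}: bridge_insecure true disables server hostname verification")
        elif key == "address" and value.endswith(":8883") and scope not in has_ca:
            findings.append(f"{scope}: port 8883 but no bridge_cafile/bridge_capath, bridge TLS not configured")
        elif key == "topic" and value.split()[:2] == ["#", "both"]:
            findings.append(f"{scope}: 'topic # both' mirrors every topic to and from the remote broker")
    return sorted(findings)
```

Calling `lint(SAMPLE_CONF)` returns four findings. The sample config in the reply above clears the missing-CA finding but still reports `bridge_insecure true`, which matches the "using insecure mode" warning in the logs.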