[chbot] help with ssl certs for mqtt broker in debian 11?
nzandydean at gmail.com
Sat Aug 21 06:59:59 BST 2021
With lockdown i had the time to try getting a vps running with a web server and mqtt broker. The goal was
A Web Host with https certification
a mosquitto MQTT broker with both port 1883 mqtt access as well as secured websocket access to the broker at port 9001.
Short story: I’m not a unix or a web guy, but I have managed to get everything but the secure websockets for mosquitto working. I can run unsecured websockets to mosquitto and my https certs are working, but mosquitto chokes out if i try to link to the letsencrypt certs from its config. I have no idea if this is permissions or what, but i’m stuck and baffled.
I started by ordering a $30/month vps from voyager. They demanded to do a background check and were painfully unresponsive to presale queries (ignoring at least 3 messages over 5 days) A day after ordering from voyager with no estimated timeframe, I got frustrated and ordered a $3 vps from aliababa cloud to play with in the meantime. Alibaba had the distro active in less than a minute. However, (and unfortunately for me), both alibaba and voyager only offered debian distros in version 8… and although I was able to register an .xyz domain for 18c from alibaba, I could never figure out how to get websockets working with the old version of mosquitto in debian 8… so
2 days later after that I got frustrated and ordered a vps ($5/month) from linode (they had an oz server rack) and their debian distro went up to 11! So, I ordered it and it was activated and booting 20 seconds after my CC was approved! I installed mosquitto 2.x and nginx onto debian 11 without any problems. I bought a random cheap domain from namecheap ($7 instead of 18c, but oh well) got the dns routed, got https certs working great with nginx and got websockets working on port 9001 with mosquitto.
However, for my application i need to use secured websockets (I don’t care at all whether they are secured, but i need to have a webpage make the connection, and that requires ssl)
All the tutorials i can find online simply tell me to point to my letsencrypt certs from the mosquitto config.
I have this as my mosquitto config (as per the tutorials):
(this is the correct path to the files, which are all there)
with this error: 1629522697: Error: Unable to create websockets listener on port 9001.
when this didn’t work, i also tried copying the letsencrypt certs into mosquitto/certs but no change.
I know its a long shot, but is there anybody in the robotics club that knows what all the above means and is able to give me a hand?
Oh, and the end of the story is that while alibabacloud took 1 minute to partition their vps, linode took 25 seconds and... Voyager took 6 DAYS, and the links they sent out to the domain manager were broken. I tried to cancel the vps at the 3 day mark, but they had yet to issue me a custer ID number so there was no way to cancel it. They finally gave me an ID after the (broken) server went up so i immediately cancelled the service.
Thanks for any help!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Chchrobotics