Error Connecting to Mosquitto Broker via Websockets

Question

Using the Client on HIVEMQ when I try to connect my mqtt server, I get the following error:

Firefox can’t establish a connection to the server at ws://xxx.com:8083/mqtt.
Connect failed: AMQJS0007E Socket error:undefined.

I'm using the following parameters:

Host: xxx.com
Port: 8083

Running Command mosquitto, I get the response:

[ 1615.745348]~DLT~ 1670~INFO     ~FIFO /tmp/dlt cannot be opened. Retrying later...
1608926628: mosquitto version 1.6.9 starting
1608926628: Config loaded from /etc/mosquitto/conf.d/default.conf.
1608926628: Opening ipv4 listen socket on port 1883.
1608926628: Opening ipv4 listen socket on port 8883.
1608926628: Opening ipv6 listen socket on port 8883.
1608926628: Opening websockets listen socket on port 8083.

and My Mosquitto conf file is:

allow_anonymous false
password_file /etc/mosquitto/passwd

listener 1883 localhost

listener 8883
certfile /etc/letsencrypt/live/burooq.com/cert.pem
cafile /etc/letsencrypt/live/burooq.com/chain.pem
keyfile /etc/letsencrypt/live/burooq.com/privkey.pem

listener 8083
protocol websockets
certfile /etc/letsencrypt/live/burooq.com/cert.pem
cafile /etc/letsencrypt/live/burooq.com/chain.pem
keyfile /etc/letsencrypt/live/burooq.com/privkey.pem

Looking for all port opened, I get:

     To                         Action      From
     --                         ------      ----
[ 1] Apache Full                ALLOW IN    Anywhere
[ 2] 22/tcp                     ALLOW IN    Anywhere
[ 3] 22                         ALLOW IN    Anywhere
[ 4] 80/tcp                     ALLOW IN    Anywhere
[ 5] 80                         ALLOW IN    Anywhere
[ 6] 443/tcp                    ALLOW IN    Anywhere
[ 7] 443                        ALLOW IN    Anywhere
[ 8] 80,443/tcp                 ALLOW IN    Anywhere
[ 9] 8883                       ALLOW IN    Anywhere
[10] 8083                       ALLOW IN    Anywhere
[11] 2222                       ALLOW IN    Anywhere
[12] Apache Full (v6)           ALLOW IN    Anywhere (v6)
[13] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
[14] 22 (v6)                    ALLOW IN    Anywhere (v6)
[15] 80/tcp (v6)                ALLOW IN    Anywhere (v6)
[16] 80 (v6)                    ALLOW IN    Anywhere (v6)
[17] 443/tcp (v6)               ALLOW IN    Anywhere (v6)
[18] 443 (v6)                   ALLOW IN    Anywhere (v6)
[19] 80,443/tcp (v6)            ALLOW IN    Anywhere (v6)
[20] 8883 (v6)                  ALLOW IN    Anywhere (v6)
[21] 8083 (v6)                  ALLOW IN    Anywhere (v6)
[22] 2222 (v6)                  ALLOW IN    Anywhere (v6)

Mosquitto version 1.6.9
Ubuntu version 20.04.1 LTS

On one of my Ubuntu machine, I am using the same mosquitto version 1.6.9 and facing the same issue. Did you solved your issue.? I also noticed that I have another machine running Ubuntu16 and it has mosquitto version installed 1.6.10 and there I am not facing this issue. Now I wonder, weather its something related to this version 1.6.9 — S Andrew, May 25 '21 at 03:41

hardillb · Answer 1 · 2020-12-26T09:29:44.650

2

You can't use the IP address, you have to use the hostname that you got the certificate issued for e.g. burooq.com

The reason is that the browser will not be able to validate the certificate from the broker because it will not have an CN or SAN entry for the IP address.

You will also need to ensure that the firewall is configured to allow external access on port 8083

EDIT:

Also having just double checked the HiveMQ Websocket showcase page, it does not look to support connecting to a TLS secured MQTT over Websockets broker.

edited Dec 26 '20 at 09:29

answered Dec 25 '20 at 23:18

hardillb

54,545
11
67
105

I have the port 8083 with action (ALLOW IN) and From Anywhere. but still running into the same error – ASH Dec 26 '20 at 06:19
And if you try with the hostname? – hardillb Dec 26 '20 at 09:10
@ASH read the edit, the HiveMQ site doesn't support MQTT over Websockets with TLS – hardillb Dec 26 '20 at 16:43
would you please suggest any alternative that support the same. Thx – ASH Dec 26 '20 at 16:57
Write your own, it's relatively trivial using the paho Javascript library – hardillb Dec 26 '20 at 17:10

score 0 · Answer 2 · edited Aug 21 '22 at 02:35

I had to create the file location for logs

$ mkfifo /tmp/dlt

change the listening port in your Mosquitto config file

$ vim /etc/mosquitto/mymosqui.conf

  Listeners 8443

Restart Mosquitto:

$ sudo service mosquitto restart

Check the status:

$ sudo service mosquitto status

Check the ports if they are listening:

$ netstat -tulpn | grep mos

tcp        0      0 0.0.0.0:8443            0.0.0.0:*               LISTEN   148132/mosquitto
tcp6       0      0 :::8443                 :::*                    LISTEN      
  148132/mosquitto

Error Connecting to Mosquitto Broker via Websockets

2 Answers2