I tried to connect MQTTS with my HTTPS server but it didn't work. It works fine on MQTTX but with PHP it doesn't connect

Question

I tried to connect MQTTS with my HTTPS server but it didn't work. It works fine on MQTTX but with PHP it doesn't connect.

<?php 

$server   = 'myServer';
$port     = '8883';
$clientId = 'testing';
$username = 'XXXX';
$password = 'XXXX';
$clean_session = false;

$connectionSettings  = new ConnectionSettings();
$connectionSettings->setUsername($username)
    ->setPassword($password)
    ->setKeepAliveInterval(60)
    ->setLastWillTopic('mytopic')
    ->setLastWillMessage('client disconnect')
    ->setLastWillQualityOfService(1);

$mqtt = new MqttClient($server, $port, $clientId);
$mqtt->connect($connectionSettings, $clean_session);

$mqtt->subscribe('mytopic/respond', function ($topic, $message) use ($mqtt) {
    echo $message;
}, 2);

$mqtt->close();
$mqtt->interrupt();
?>

How to connect MQTTS with PHP.

"I tried [...] but it didn't work" does not tell much. Please see the [help] how you can improve your question, e.g. for troubleshooting you should provide error or diagnostic messages. "It doesn't connect" is similar. There can be many reasons why a system can not connect. — hakre, Dec 16 '22 at 08:16

hardillb · Answer 1 · 2022-12-16T08:34:54.420

1

Looking at the source code for the phpMQTT library you need to pass a cafile in the constructor to enable a SSL/TLS connection.

$mqtt = new MqttClient($server, $port, $clientId, $cafile);

Where the cafile is the path to a CA certificate to validate the broker.

edited Dec 16 '22 at 08:34

answered Dec 16 '22 at 07:10

hardillb

54,545
11
67
105

Need? According to the code the **CA-file is clearly optional**. Please clarify in your answer what you're trying to say. – hakre Dec 16 '22 at 07:53
You need to pass a ca file to enable an SSL connection, look at the if block I linked to. – hardillb Dec 16 '22 at 07:54
@hakre If you think you can give a better answer then please do, but my reading of the code is that the only way to get a SSL/TLS connection opened is gated by the presence of a `cafile` variable which when taken in the context of the OPs question is obvious, if I'm wrong then provide a better answer. – hardillb Dec 16 '22 at 08:32
Hi hardillb, thanks for your reply. But this returns me "PhpMqtt\Client\Exceptions\ProtocolNotSupportedException: The given protocol version [/etc/emqx/certs/emqx.crt] is not supported. in file /var/www/app/data/vendor/php-mqtt/client/src/MqttClient.php on line 88". Is there any way to solve this issue? – Ankit Gandhi Dec 16 '22 at 09:00

hardillb · Answer 2 · 2022-12-16T13:03:22.880

OK, first answer was against the wrong phpMQTT library, trying again.

The correct library is here: https://github.com/php-mqtt/client

From the doc:

// This flag determines if TLS should be used for the connection. The port which is used to

// connect to the broker must support TLS connections.
->setUseTls(false)

e.g.

$connectionSettings->setUsername($username)
    ->setPassword($password)
    ->setKeepAliveInterval(60)
    ->setLastWillTopic('mytopic')
    ->setLastWillMessage('client disconnect')
    ->setUseTls(true)
    ->setLastWillQualityOfService(1);

score 0 · Accepted Answer · edited Dec 25 '22 at 04:05

For connecting MQTTS we need to add three additional params into the connectionSettings

->setUseTls(true)
->setTlsSelfSignedAllowed(true) // Allow self-signed certificates. Discouraged for production use.
->setTlsVerifyPeer(false)           // Do not require the self-signed certificate to match the host. Discouraged.

https://github.com/php-mqtt/client-examples/blob/master/03_connection_settings/02_use_tls_without_client_certificate.php

<?php 

$server   = 'myServer';
$port     = '8883';
$clientId = 'testing';
$username = 'XXXX';
$password = 'XXXX';
$clean_session = false;

$connectionSettings = (new ConnectionSettings)
    ->setUsername($username)
    ->setPassword($password)
    ->setKeepAliveInterval(60)
    ->setLastWillTopic('mytopic')
    ->setLastWillMessage('client disconnect')
    ->setUseTls(true)
    ->setTlsSelfSignedAllowed(true) // Allow self-signed certificates. Discouraged for production use.
    ->setTlsVerifyPeer(false)           // Do not require the self-signed certificate to match the host. Discouraged.
    ->setLastWillQualityOfService(1);

$mqtt = new MqttClient($server, $port, $clientId);
$mqtt->connect($connectionSettings, $clean_session);

$mqtt->subscribe('mytopic/respond', function ($topic, $message) use ($mqtt) {
    echo $message;
}, 2);

$mqtt->close();
$mqtt->interrupt();
?>

I tried to connect MQTTS with my HTTPS server but it didn't work. It works fine on MQTTX but with PHP it doesn't connect

3 Answers3