Can't connect to mosquitto using openSSL - Micro Gateway

I currently have a PR55-21 MQTT micro gateway and I’m trying to use the secure connnection and a certificate to connect over to mosquitto who is using the same certificate. The problem is that I’m not able to connect no matter what I do.

openSSL commands:
openssl genrsa -out ca.key 4096
openssl req -x509 -new -nodes -key ca.key -sha256 -days 3650 -out ca.crt

openssl genrsa -out broker.key 2048
openssl req -new -key broker.key -out broker.csr
openssl x509 -req -in broker.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out broker.crt -days 365 -sha256

openssl genrsa -out client.key 2048
openssl req -new -key client.key -out client.csr
openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt -days 365 -sha256

mosquitto do have the certificates in the .conf and when I connect to it using mqtt explorer and the client certificate it works.

mosquitto.conf:

TLS PORT

listener 8883
cafile path\to\mqtt_certs\ca\ca.crt
certfile path\to\mqtt_certs\broker\broker.crt
keyfile path\to\mqtt_certs\broker\broker.key
require_certificate true
password_file path\to\CertificatMQTT\password
#protocol mqtt
#tls_version tlsv1.2

Logs

log_type all
log_dest file path\to\log\mosquitto.log

In the mosquitto.log, this is what I see:
1736527162: New connection from ip:port on port 8883.
1736527162: OpenSSL Error[0]: error:0A000126:SSL routines::unexpected eof while reading

Any help will be appreciated!

Can you please provide a screen shot of the settings entered in the Gateway?

Also please use the same credentials entered into the gateway to attempt connection from a software MQTT Client such as this one:

I highly recommend getting the software client to connect, once that is working you will know for certain your credentials are good and then you can attempt to use those credentials in the Gateway.

Thank you,
Travis Elliott

Hi! Sorry for the wait.

So I tried different methods to connect the gateway to mosquitto:
I was able to connect using port 1883 and 8883 using the credentials in the password files.
I even have made new certificates.
On my pc I can connect to the broker using the password, the ca.crt and TLS and Validate Certificate.
The problem I have right now is that the gateway is using the same ca.crt, the same password and have secure connection enabled but give me a unsupported protocol error.
OpenSSL Error[0]: error:0A000102:SSL routines::unsupported protocol or more often this
OpenSSL Error[0]: error:0A000412:SSL routines::ssl/tls alert bad certificate
If you still need a screen shot, I’ll send you one.
I don’t know what version is the latest for the micro gateway pr55-21 but it’s on v1.0.11

Thanks in advance!

Are you using both Root CA and private key files to verify connection? What MQTT versions do you have Mosquitto configured to accept(3.1, 3.1.1, 5.0, etc)? I have only tested the MQTT Gateways with version 3.1 and 3.1.1. I do not know that it will work with 5.0

Also are you entering a Client ID into the Gateway? Depending on Mosquitto configuration it may require a Client ID to be set.

I do have an article on connecting the Micro gateway to Mosquitto here:

I’m using the ca.crt in the mosquitto.conf, in mqtt explorer to connect locally (it works for me) and in the gateway (doesn’t work, get error). In the .conf file, the protocol is set to mqtt and after searching it is said that it use all of the version when using → protocol mqtt. I’m not entering a Client ID



The only problem is Secure Connection

I’m not sure what could be causing this issue. Can you try entering a Client ID in the MQTT Gateway to see if that resolves it? You can set it to something like NCD_Gateway

Thank you,
Travis