I’d like to add some extra security to my gateway-to-cloud connection, and I was looking at TLS but I haven’t found any documentation on setting this up. From Ubidots, the platform I’m sending data to, I’ve found these docs;
Before trying to do this on the MQTT Gateway use a software client like MQTT.fx here: https://mqttfx.jensd.de
Once you are able to connect to Ubidots using MQTT.fx software then try entering the same information into the MQTT gateway.
@TravisE_NCD_Technica I tested this out and was able to successfully transmit data with TLS enabled using MQTT.fx to Ubidots, however I was able to do it with the same information I tried using on the physical gateway device.
So you uploaded the same cert files you used with MQTT.fx to the gateway but it was still not able to connect?
I will attempt to test this on my Ubidots account today and see if I can get it working. I never attempted TLS from an MQTT Gateway to Ubidots but it should be relatively straight forward I would think.
Is there no private key or client certificate? That seems odd. Generally TLS requires more than just a Root cert, as that wouldn’t really be that secure.
I see it looks like they sort of use basic auth and TLS for this connection. TLS uses just a root cert file but a username is also used to authorize the connection. I have not seen this scheme with MQTTS in the past. I’ll continue to dig here.
Ok. I think I found the problem. Ubidots root certificate actually contains two certificates which makes it pretty long. I had to expand the size of the buffer for the Root CA to allow for a cert file that long. Try updating your gateway using these instructions and let me know if it works for you: