OwnTracks is an open-source GPS location history logging service (the main components are apps for iPhone and Android.) OwnTracks takes care of sending the data, and recommends using Mosquitto as the framework on the receiving or “broker” side. The whole thing is then pretty much unusable until you stop it, delete the cert lines out of the yaml and start again.Mosquitto is an open-source message broker service that uses the MQTT protocol to send and receive messages, typically with IOT (Internet of Things) devices. No matter where I try I always get a ‘can’t find the certificate’ type error followed by a whole heaps of the usual ‘I can’t connect’ errors… It should be totally possible, but I can’t quite grasp where to place the ca.crt. Now I’m trying to get some Pi 4s going with zigbee2mqtt on docker (running the IOTStack build) - I have this working and I have my first zigbee device detected and passed straight to HA - super excited at how easy that went.īut, ever the tinkerer…I know wonder if it is possible to get the zigbee2mqtt on the PI to use port 8883 back to HA with certificates. I followed it yesterday (and copied it so I could do it again) to get my instance set up…only difference is that I used 10 years certs…I think I’ll rebuild before they run out! In your mqtt explorer certificate tab, navigate to these 3 files. Paste these 2 files somewhere in your windows. To test if you can login successfully, you can use mqtt explorer. sudo openssl x509 -req -in client.csr -CA ca.crt -extfile v3.ext -CAkey ca.key -CAcreateserial -out client.crt -days 720 The one you use to login to mqtt.Īt sep 3, use the same v3.ext file when creating the server certificate. Since we will use the same file from the server certificates, start from Step 1 from that link.Īt step 2, under common name, input your mqttuser name. Now is time to create a client certificate. Restart mqtt and you should see in log that the certificates are found. Your Mqtt config file should look like this.
The files should go under ssl folder ca.crt Now Paste these 3 files into your mqtt addon. KeyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
IP = HA local ip address authorityKeyIdentifier=keyid,issuer Paste these line in the v3.ext, changing the DNS and IP to suite your settings. sudo openssl x509 -req -in server.csr -CA ca.crt -extfile v3.ext -CAkey ca.key -CAcreateserial -out server.crt -days 720 When you get to step 5, add the v3.ext file like so before creating the certificate.
0 kommentar(er)
