I am trying to get my weather station web presence secure with https:// Therefore, I also need my MQTT server be secure via SSL.
I followed the setup by https://obrienlabs.net/how-to-setup-your-own-mqtt-broker/ I received my certificates from Let's encrypt and edited my mosquitto config file accordingly: GNU nano 6.2 /etc/mosquitto/conf.d/myconfig.conf persistence false allow_anonymous true #allow_zero_length_clientid true password_file /etc/mosquitto/passwd acl_file /etc/mosquitto/acl # mqtt #listener 1883 localhost listener 8883 certfile /etc/letsencrypt/live/weewx.bz3gfkrlqtrsc3sv.myfritz.net/cert.pem cafile /etc/letsencrypt/live/weewx.bz3gfkrlqtrsc3sv.myfritz.net/chain.pem keyfile /etc/letsencrypt/live/weewx.bz3gfkrlqtrsc3sv.myfritz.net/privkey.pem tls_version tlsv1.2 protocol mqtt # websockets listener 9001 certfile /etc/letsencrypt/live/weewx.bz3gfkrlqtrsc3sv.myfritz.net/cert.pem cafile /etc/letsencrypt/live/weewx.bz3gfkrlqtrsc3sv.myfritz.net/chain.pem keyfile /etc/letsencrypt/live/weewx.bz3gfkrlqtrsc3sv.myfritz.net/privkey.pem protocol websockets every time I reboot now mosquitto, I get an error by mosquitto: root@weewx:/# sudo systemctl restart mosquitto.service Job for mosquitto.service failed because the control process exited with error code. See "systemctl status mosquitto.service" and "journalctl -xeu mosquitto.service" for details. root@weewx:/# sudo systemctl status mosquitto.service *×* mosquitto.service - Mosquitto MQTT Broker Loaded: loaded (/lib/systemd/system/mosquitto.service; enabled; vendor preset: enabled) Active: *failed* (Result: exit-code) since Fri 2023-09-29 15:32:19 CEST; 1s ago Docs: man:mosquitto.conf(5) man:mosquitto(8) Process: 542132 ExecStartPre=/bin/mkdir -m 740 -p /var/log/mosquitto (code=exited, status=0/SUCCESS) Process: 542133 ExecStartPre=/bin/chown mosquitto /var/log/mosquitto (code=exited, status=0/SUCCESS) Process: 542134 ExecStartPre=/bin/mkdir -m 740 -p /run/mosquitto (code=exited, status=0/SUCCESS) Process: 542135 ExecStartPre=/bin/chown mosquitto /run/mosquitto (code=exited, status=0/SUCCESS) Process: 542136 ExecStart=/usr/sbin/mosquitto -c /etc/mosquitto/mosquitto.conf *(code=exited, status=1/FAILURE)* Main PID: 542136 (code=exited, status=1/FAILURE) CPU: 22ms Sep 29 15:32:19 weewx systemd[1]: mosquitto.service: Scheduled restart job, restart counter is at 5. Sep 29 15:32:19 weewx systemd[1]: Stopped Mosquitto MQTT Broker. Sep 29 15:32:19 weewx systemd[1]: *mosquitto.service: Start request repeated too quickly.* Sep 29 15:32:19 weewx systemd[1]: *mosquitto.service: Failed with result 'exit-code'.* Sep 29 15:32:19 weewx systemd[1]: *Failed to start Mosquitto MQTT Broker.* root@weewx:/# Once I command the certificates out, mosquitto starts up fine. I double checked that the certificates can be read by everybody. Any clue what else I check for? TIA, Stefan -- You received this message because you are subscribed to the Google Groups "weewx-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/weewx-user/0fb5acdb-156e-489c-a3bb-06acfe4381a8n%40googlegroups.com.
