We Keep Coding

How to recieve a Broker's data with an MQTT.fx client?

I have both a client and a broker running on a remote Linux machine within a Lora Network server that has a mosquitto connector.
The client can listen for the broker's broadcast from a certain address and port (#127.0.0.1:1883)
I would like to open an ssh tunnel between this remote machine and my machine (windows 10) to 'eavesdrop' on the communication between the client and the broker using MQTT.fx to run a mosquitto client;
So far I tried to:
Run ssh -L 22883:#remoteMachineAdress:1883 usern.ame#gatewayAdress -p222 on MobaXtrem](https://mobaxterm.mobatek.net/)
Then I launch a client on MQTT.fx to listen on the broker: 127.0.0.1 port 22883.
This establishes a connection to the broker. However, I am not receiving any of the messages passed to the original client (the one on the remote machine) receives.
Can anyone tell me what am I doing wrong?
And if there are any tutorials about this?
I appreciate all the help I can get, thank you in advance!

This configuration is correct, it was the connector on the server who was sending the data to a different application.

Traefik as Loadbalancer for MQTT over tcp with TLS

I am trying to use Traefik as Loadbalancer for MQTT over tcp with TLS (1.2). I found some posts here for the topic how to setup traefik for mqtt, but nothing related or solving my special problem/case.
I have setup the following configuration for simulating locally the behaviour of Traefik as a Reverse Proxy & Loadbalancer for MQTT on my developer Windows 10 machine
Mosquitto_168_8883 on Windows locally on Port 8883 with TLS enabled/selfsigned certificates
Traefik 2.1.2 on Windows listening on Port 7883 for routing to mqqt (toml see below)
Node-Red 1.0.3 on Windows (NodeJs 12.14.1) client connecting (a) directly to Mosquitto (b) over Traefik to Mosquito
(a) Directly connecting and publishing is working for Node-Red Client (Port 8883)
(b) via Traefik: Node-Red can not connect or publish to MQTT (Port 7883)
My Traefik TOML Configuration is as follows:
[tracing]
serviceName = "mqtt"
[log]
level = "DEBUG" # --log.level
[entryPoints]
[entryPoints.mqtt]
address = ":7883"
[entryPoints.traefik]
address ="localhost:8091"
[api]
dashboard = true
insecure = true
[tcp] # YAY!
[tcp.routers]
[tcp.routers.mqtt]
entrypoints = ["mqtt"]
rule = "HostSNI(`*`)" # Catches every request
service = "mqtt"
[tcp.routers.mqtt.tls]
passthrough = true
[tcp.services]
[tcp.services.mqtt]
[tcp.services.mqtt.loadBalancer]
[[tcp.services.mqtt.loadBalancer.servers]]
address = "localhost:8883"
Currently, I see nothing of interest within the active tracing and logging output. The Traefik UI shows no connection attemps via port 7883/TCP/Entrypoint mqtt
Does anyone has this usecase implemented up & running?
What am I doing wrong / what am I missing?
Thank you in advance.

SSL Connection on Solace MQTT Throwing Unknown Protocol error

I am using Solace VMR for MQTT Publish/subscribe service . I am using paho library for publishing and subscribing . I need SSL connection with the Solace for the purpose. I configured Server and CA Certificate . Using SolAdmin , I can see that SSL service is enabled on port 8883 . So when I am trying to connect to Solace MQTT for publishing the data , it is throwing me a error :
2016-09-09T16:54:50+0000 solace event: SYSTEM: SYSTEM_SSL_CONNECTION_REJECTED: - - SSL Connection rejected: reason (unknown protocol); connection to XXX.XX.XX.XXX:8883 from XXX.XX.XX.XXX:6217
6.
I am using the URL as ssl://XXX.XX.XX.XXX:8883. Please help where I am doing wrong ?

This error is seen when a client uses TLS 1.0 to establish an SSL connection with the Solace VMR. TLS 1.0 is not supported on the Solace VMR as it is deemed to be unsecure.
The connection should be successful when using TLS 1.1 or TLS 1.2.

How to setup secure tunnel to allow a client to communicate to a websocket?

I need to allow client to connect to a websocket on server 10.0.4.160. The 10.0.4.160 server does not have SSL installed on it but it have a websocket that is running on port 8080.
I need to setup a secure tunnel to allow the client to connect to the websocket.
I installed the stunnel on my windows Server 2008 R2, And changed my stunnel.conf file to look loke this
[websockets]
accept = 8443
connect = 8080
verify = 2
CAfile = ca-certs.pem
client = yes
I am expecting to connect to the server on port 8433 and the stunnel will allow the connection to connect to port 8080
This is the code that I use in the client's console "Of course, the console is on a PC that is on my internal network"
var conn = new WebSocket('wss://10.0.4.160:8443');
conn.onopen = function(e) {
console.log("Connection established!");
};
conn.onmessage = function(e) {
console.log(e.data);
};
While on the server I open up a command line and I execute this
telnet localhost 8080
I get a command line and when I fire the code above from a console I see this in the server's command line
But few seconds later I get this error in the console
WebSocket connection to 'wss://10.0.4.160:8443/' failed: Error in connection establishment: net::ERR_TIMED_OUT
If I try to send a command using conn.sent('Hello') I get this error
VM289:2 Uncaught DOMException: Failed to execute 'send' on 'WebSocket': Still in CONNECTING state.
at Error (native)
at <anonymous>:2:6
at Object.InjectedScript._evaluateOn (<anonymous>:905:140)
at Object.InjectedScript._evaluateAndWrap (<anonymous>:838:34)
at Object.InjectedScript.evaluate (<anonymous>:694:21)
Additionally, I tried to turn on debugging in strunnel by adding debug = 7
This is what I got in the stunnel console. I don't understand what is wrong as the logs show that the client is connected but I can't send messages from the client to the server
2015.08.16 16:40:06 LOG7[36]: Service [websockets] started
2015.08.16 16:40:06 LOG5[36]: Service [websockets] accepted connection from 10.0.4.195:21963
2015.08.16 16:40:06 LOG6[36]: s_connect: connecting 127.0.0.1:8080
2015.08.16 16:40:06 LOG7[36]: s_connect: s_poll_wait 127.0.0.1:8080: waiting 10 seconds
2015.08.16 16:40:06 LOG5[36]: s_connect: connected 127.0.0.1:8080
2015.08.16 16:40:06 LOG5[36]: Service [websockets] connected remote server from 127.0.0.1:50891
2015.08.16 16:40:06 LOG7[36]: Remote socket (FD=668) initialized
2015.08.16 16:40:06 LOG6[36]: SNI: sending servername: localhost
2015.08.16 16:40:06 LOG7[36]: SSL state (connect): before/connect initialization
2015.08.16 16:40:06 LOG7[36]: SSL state (connect): SSLv2/v3 write client hello A
What am I doing wrong here?
How come the connection keeps failing?

SSL/TLS with Eclipse Paho JavaScript Client

I've got a JavaScript-based WebApp that includes the Eclipse Paho client.
The WebApp is stored and executed on an NGINX webserver.
On the same Server where the webserver is installed, the MQTT broker mosquitto is running. I've defined port 8884 as listener port for secured connections.
Running mosquitto_sub (simple C client) with --cafile and -p 8884 works fine!
Now I want to secure the WebApp using SSL by passing mqttOptions = { useSSL: true } in my MQTT client implementation.
I can see that the app is trying to establish an connection to wss://ip instead of ws://ip. But the server responds with a connection refused which is totally clear because I did not configure anything on the webserver as I do not have a clue how to manage this. Will the wss connection be 'mapped' to a https or something? Do I need a websocket proxy in NGINX? Thanks in advance for any help.

You can not use the same port for raw MQTT and MQTT over websockets with mosquitto, you need to create 2 separate listeners.
The fact that you can connect with mosquitto_sub implies you have only set up a listener with the raw MQTT.
e.g.
listener 8883
listener 8884
protocol websockets
This will create a native MQTT listener on 8883 and a MQTT over websockets on port 8884

I did so. Here is the mosquitto conf entry:
listener 8884 127.0.0.1
protocol websockets
cafile /path/to/ca.crt
certfile /path/to/certfile.crt
keyfile /path/to/keyfile.key
require_certificate false
and so the app is trying to connect to myip:8884