This project is included in my portfolio as an IoT Engineer; of course, what I can use is a basic sample for every stack that I use.
- Authentication user-password
- Encryption user password
- Add user
- Delete user
- Logging Mosquitto Broker
- Securing Connection using OpenSSL
- Example on C++, Python, and Node.js
- Build to generate the SSL certificates into ./certs/generated
docker compose --profile ssl up --build
Expected Output:
ssl | Certificate request self-signature ok
ssl | subject=C = ID, ST = EastJava, L = MusuyabaHut, O = ServerCertMusuyaba, OU = TestServerCert, CN = mosquitto-broker
ssl | server.crt: OK
ssl exited with code 0
- Run mosquitto-broker, mosquitto-sub, and mosquitto-pub
docker compose --profile mosquitto up --build
Expected Output:
Attaching to mosquitto-broker, mosquitto-pub, mosquitto-sub
- Open a new terminal in the same directory and check which containers are running
docker compose ps
Expected Output:
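- Add a user and password from the mosquitto-broker container (-b takes the password on the command line, so it ends up in shell history; without -b, mosquitto_passwd prompts for it instead)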
docker compose exec mosquitto-broker mosquitto_passwd -b /mosquitto/config/password.txt newUser newUser
- Restart the mosquitto-broker container so the broker loads the updated password file
docker restart mosquitto-broker
Expected Output:
mosquitto-broker
- Publish a message from terminal 2 using SSL to topics/iot
docker compose exec mosquitto-pub mosquitto_pub -h mosquitto-broker -t topics/iot -m "Wellcome to Hell as admin" -u admin -P admin --cafile /mosquitto/certs/generated/ca.crt --tls-version tlsv1.2 -d
Expected Output on terminal 1 (as subscriber):
mosquitto-sub | Wellcome to Hell as admin
Expected Output on terminal 2 (as publisher with debug):
Client null sending CONNECT
Client null received CONNACK (0)
Client null sending PUBLISH (d0, q0, r0, m1, 'topics/iot', ... (25 bytes))
Client null sending DISCONNECT
- Publish a message from terminal 2 without SSL to topics/iot2 (this still works because the mosquitto-broker config still leaves port 1883 open, so the username and password are sent unencrypted on this connection)
docker compose exec mosquitto-pub mosquitto_pub -h mosquitto-broker -t topics/iot2 -m "Wellcome to Hell as user" -u user -P user -d
Expected Output on terminal 1 (as subscriber):
mosquitto-sub | Wellcome to Hell as user
Expected Output on terminal 2 (as publisher with debug):
Client null sending CONNECT
Client null received CONNACK (0)
Client null sending PUBLISH (d0, q0, r0, m1, 'topics/iot2', ... (24 bytes))
Client null sending DISCONNECT
- Publish a message from terminal 2 as user newUser to topics/iot3
docker compose exec mosquitto-pub mosquitto_pub -h mosquitto-broker -t topics/iot3 -m "Wellcome to Hell as newUser" -u newUser -P newUser -d
Expected Output on terminal 1 (as subscriber):
mosquitto-sub | Wellcome to Hell as newUser
Expected Output on terminal 2 (as publisher with debug):
Client null sending CONNECT
Client null received CONNACK (0)
Client null sending PUBLISH (d0, q0, r0, m1, 'topics/iot3', ... (27 bytes))
Client null sending DISCONNECT
- Remove user 'newUser' and restart mosquitto-broker
docker compose exec mosquitto-broker mosquitto_passwd -D /mosquitto/config/password.txt newUser && docker restart mosquitto-broker
- Try again to publish a message as user 'newUser'
docker compose exec mosquitto-pub mosquitto_pub -h mosquitto-broker -t topics/iot -m "Wellcome to Hell as newUser" -u newUser -P newUser
Expected Output on terminal 2 (as publisher):
Connection error: Connection Refused: not authorised.
Error: The connection was refused.
- Press Ctrl+C on terminal 1 to shut down the mosquitto-broker, mosquitto-pub, and mosquitto-sub containers
Expected Output on terminal 1:
Aborting on container exit...
[+] Stopping 3/3
✔ Container mosquitto-pub Stopped
✔ Container mosquitto-sub Stopped
✔ Container mosquitto-broker Stopped
canceled
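The publish without SSL shown earlier succeeds because the broker config keeps port 1883 open next to the TLS listener. The shell function below is an added example, not part of this project: it audits a mosquitto.conf for listeners that have no certfile/keyfile and for allow_anonymous true. The sample config, the function names and the server.key path are constructed assumptions; PSK-based TLS and included config files are not handled.

```shell
#!/bin/sh
# Added example: audit a mosquitto.conf for listeners without TLS and for
# anonymous access. Prints one finding per line; returns 1 if any were found.
# Assumption: a listener uses TLS only when both certfile and keyfile are set.
audit_mosquitto_conf() {
    awk '
    # Report the listener collected so far if it has no certificate and key.
    function report() {
        if (port != "" && !(cert && key)) {
            printf "plaintext listener on port %s\n", port
            bad = 1
        }
    }
    NF == 0 || $1 ~ /^#/ { next }                 # blank lines and comments
    $1 == "listener" { report(); port = $2; cert = 0; key = 0; next }
    $1 == "port"     { port = $2; next }          # legacy default listener
    $1 == "certfile" { cert = 1; next }
    $1 == "keyfile"  { key = 1; next }
    $1 == "allow_anonymous" && $2 == "true" {
        print "allow_anonymous is true"
        bad = 1
    }
    END { report(); exit bad + 0 }
    ' "$1"
}

# Constructed sample configs (not this project's files): "mixed" keeps 1883
# open next to a TLS listener, "tls_only" exposes the TLS listener alone.
write_sample_conf() {   # $1 = "mixed" or "tls_only", $2 = output path
    {
        echo "# constructed sample"
        echo "allow_anonymous false"
        echo "password_file /mosquitto/config/password.txt"
        [ "$1" = "mixed" ] && echo "listener 1883"
        echo "listener 8883"
        echo "cafile /mosquitto/certs/generated/ca.crt"
        echo "certfile /mosquitto/certs/generated/server.crt"
        echo "keyfile /mosquitto/certs/generated/server.key"   # assumed path
        echo "tls_version tlsv1.2"
    } > "$2"
}

conf=$(mktemp)
write_sample_conf mixed "$conf"
audit_mosquitto_conf "$conf" || echo "findings listed above"
rm -f "$conf"
```
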
- CPP Client
- Node.js Client
- Python Client
- Create Readme.md
- Docker for OpenSSL
- Docker for Broker
- Docker for Subscriber
- Docker for Publisher
Distributed under the MIT License.
Please, if you have any hesitation, contact me on: