1-Visitor

Solved

SSL problems with MQTT and ThingWorx

Forum|Forum|5 years ago
March 31, 2021
2 replies
5597 views

Hello PTC,

I'e tried all the ways which are described in the forum, but I haven't got anything, I can't connect the MQTT Broker

with SSL enable(and works) with ThingWorx server. I'm using a 90 days version, and I don't know if the security configuration in the MQTT extension ca be enabled.

Thanks very much,

Carlos

Best answer by tdixit

Hello @charlo

If you check the Point 3 "useSSL: Should ThingWorx use SSL when connecting to the MQTT broker?" in the article shared. It is mentioned to copy the cacerts file into jssecacerts and I can see the cacerts is present at this C:\Program Files\Java\jre1.8.0_281\lib\security location

Please copy the cacerts file into jssecacerts

Best practice is to not modify cacerts directly
The JVM will choose jssecacerts over cacerts on startup

and then Import the Self-Signed Certificate or the Custom Root Certificate into the jssecacerts truststore with the following command:

keytool -import -alias <Descriptive Alias> -file <Path To Certificate File> -keystore jssecacerts
Where
- <Descriptive Alias>: Any identifier that will help identify the entry. Typically set to the FQDN of the host that signed the certificate.
- <Path To Certificate File>: Full path to the certificate file

and then restart Apache Tomcat

Regards,

Toolika Dixit

T

tdixit

5-Regular Member

Hello @charlo

Thank you for reaching out to PTC.

Could you please provide me below information in order to assist you further on this case

Please confirm ThingWorx version
Please confirm MQTT version
Please share ThingWorx and MQTT logs

Regards,

Toolika Dixit

C

charlo

Author

1-Visitor

Dear PTC,
my ThingWorx version is 9.1.0 (TRIAL)
my MQTT is Eclipse Mosquitto MQTT v5/v3.1.1 broker.
I've revised the log file, but as I hadn't got to turn on SSL, the SSL
problem is not in log files.
The problem is that there is only the SSL enable checkbox, but I can't
configure a CA file.
Regards,
Carlos

T

tdixit

5-Regular Member

Hello @charlo

Please check this article which explains how to configure MQTT broker which is using a Self-Signed or Custom Root Certificate

Regards,

Toolika Dixit

S

slangley

Community Manager

Hi @charlo.

If you have resolved your issue with the help of one of the previous responses, please mark the appropriate one as the Accepted Solution for the benefit of others with the same problem.

Regards.

--Sharon

Sign up

Please use your PTC eSupport account.

Welcome to the PTC Community

Please use your PTC eSupport account.

Scanning file for viruses.

This file cannot be downloaded