Raspberry Pi is credit card sized, and probably most popular, single board computer. It can easily be used as local MQTT broker. This tutorial expects Raspbian operating system is already installed. If you are already using Raspberry Pi with other operating system, this tutorial can be easily adjusted.
|RPi v1||RPi v2||RPi v3|
|Frequency||700 MHz||900 MHz|
|Cores||Single core||Quad core|
|RAM||512 MiB||1024 MiB|
|Storage||SD||Micro SD||Micro SD|
|USB ports||2x USB 2.0||4x USB 2.0||4x USB 2.0|
|Powering||Micro USB||Micro USB||Micro USB|
pi@raspberry:~$ sudo apt-get install mosquitto
To be able to connect to central broker, we must configure resolving its hostname to IP address. Easiest way how to do that is add following line to
<ip_address> by actual public IP address of you central MQTT broker.
Configure domain name lookup is crucial step for establishing SSL connection. When your client opens connection to some hostname, server on other side have to send certificate request with common name of that hostname. If both hostnames doesn't match, client should reject this connection. This security mechanism can detect possible MITM attack. It is possible to disable this check, but it is strongly recommended to keep in enabled and use correct domain name lookup.
mosquitto creates its configuration files in
/etc/mosquitto. It uses main configuration file
/etc/mosquitto/mosquitto.conf which loads other files located in
# Place your local configuration in /etc/mosquitto/conf.d/ # # A full description of the configuration file is at # /usr/share/doc/mosquitto/examples/mosquitto.conf.example pid_file /var/run/mosquitto.pid persistence true persistence_location /var/lib/mosquitto/ log_dest file /var/log/mosquitto/mosquitto.log include_dir /etc/mosquitto/conf.d
To configure local broker, create
/etc/mosquitto/conf.d/bridge.conf file with following content:
# listen port listener 1883 # bridge configuration connection central-broker address central-broker:1883 clientid pce-eliska-bridge topic # both 0 "" area-name/ bridge_cafile /etc/mosquitto/ca_certificates/ca.crt bridge_certfile /etc/mosquitto/certs/your-cert-request.crt bridge_keyfile /etc/mosquitto/certs/your-keyfile.key # authentication username user password pass
There are few directives which have to be configured based on your needs:
topic- Defines MQTT topic which will be prepended to outgoing messages. Put here correct area name.
bridge_cafile- Path to CA file. Will be discussed later.
bridge_certfile- Path to certificate request file. Will be discussed later.
bridge_keyfile- Path to key file. Will be discussed later.
user- Username for local broker.
password- Password for local broker.
Last step of configuring broker if provide CA and cert files. You can fin instruction how to generate them on certificates page. It is good practice to put your CA file into
*.key files into
After you have successfully created these files, copy them in proper directories and configure
bridge_keyfile in your
/etc/mosquitto/conf.d/bridge.conf configuration file.