MQTT Interface: Connection Issues

🚧 Developers
,
1

I have OwnTracks running on a Hyper-V Ubuntu Server VM. It’s set up to use MQTT on port 8883 and is encrypted using TLS. The OwnTracks Android app successfully connects to the host on port 8883 and updates location info as expected. I have also confirmed that I can connect to the VM’s mosquito broker from the outside using both MQTT Explorer and Node-Red and see device location updates published by the OwnTracks Android app.

On to the problem: I’m working on an OwnTracks Hubitat app and presence driver. The driver uses Hubitat’s MQTT interface (interfaces.mqtt) but I’m unable to establish a connection using the same credentials used in MQTT Explorer and Node-Red, both of which, allow TLS without specifying CA certificate, client certificate, and a passkey. Unfortunately, this doesn’t appear to be possible with the Hubitat MQTT interface. Per the developer docs, the interface exposes two “connect” methods:

void connect(String broker, String clientId, String username, String password)
void connect(String broker, String clientId, String username, String password, options (name/value pairs))

I’ve unsuccessfully tried connecting using both method signatures as follows:

mqttInt.connect(
	"tcp://owntracks.mydomainname.com:8883", 
	"hubitat", 
	myusername, 
	mypassword)
	 
mqttInt.connect(
	"tcp://owntracks.mydomainname.com:8883", 
	"hubitat", 
	myusername, 
	mypassword,
	tlsVersion: "1.2")

...and for good measure...

mqttInt.connect(
	"tcp://owntracks.mydomainname.com:8883", 
	"hubitat", 
	myusername, 
	mypassword,
	tlsVersion: "1.2",
	privateKey: "",
	caCertificate: "",
	clientCertificate: "")	 
	 
mqttInt.connect(
	"tcp://owntracks.mydomainname.com:8883", 
	"hubitat", 
	myusername, 
	mypassword,
	tlsVersion: "1.2",
	privateKey: null,
	caCertificate: null,
	clientCertificate: null)

In all four cases the connection causes the following exception:

error: initialize caused the following exception: Connection lost (32109) - java.net.SocketException: Connection reset

I'm a bit confused as to why I can connect without certs using MQTT Explorer and Node-Red but not from the Hubitat mqtt interface. Anyone have any suggestions as to what I might be doing wrong or provide any workarounds?

2

I don't use TLS with my broker so I can't help there but You might run afoul of the clientID string. The mosquito broker really dislikes two nodes with the same ID - it often kills both when the 2nd one attempts to connect or one of them gets into a connect loop.

I use this line to create a unique ID:
brokerName = "${getLocation().getHub().name}_${device}"

1 Like
3

Good catch--thanks!

4

Hmm, so the solution was to use the ssl:// protocol in the broker url like so:

mqttInt.connect(
	"ssl://owntracks.mydomainname.com:8883", 
	clientID, 
	myusername, 
	mypassword)

It would be nice if the developer docs included this as an example.

2 Likes