Belchertown / MQTT / RSYNC / SSL Issue

[N0ZO]

I've been trying to troubleshoot the issue with my MQTT not connecting for weeks now, and I finally have an idea of what the issue may be. 

Originally I had issues with WS not working on port 9001, so today I completely uninstalled mosquitto and reinstalled it. 

Weewx was posting to the mqtt server hosted on a local PC no issue; and now WS was working on 9001. I tested further by using the domain name with port, and it was receiving on mqtt 1883 and ws 9001, but still I was getting the dreaded message "Connecting to weather station real time data." on my website (https://wx.4-7.us).

Even using another device not on the local LAN i was getting data through a MQTT program. 

I went through I don't know how many different threads searching on here, and all my settings were identical to others. 

I finally had a major aha moment when I decided to try the webpage hosted on the computer running weewx, and it immediately connected and was receiving data! 
I even tested further by forwarding a port on the router and trying off network, which also worked. 

Now here's where I think my issue is, and I am not really sure how to go from here since I can't think of the right words to search with:

I'm using weewx to sync with my webhost with rsync; all the pages on that web hosted server have SSL activated. I am hosting mqtt on a local computer with ports forwarded, but without SSL. 

Is it a combination of using rsync to a server with SSL enabled, trying to connect to an internet accessible local server running MQTT without SSL running prohibiting it from connecting? 

[Dominic ›OE7DRT‹]

N0ZO <jus...@4-7.us> wrote:

>Now here's where I think my issue is, and I am not really sure how to go from
>here since I can't think of the right words to search with:
>
>I'm using weewx to sync with my webhost with rsync; all the pages on that web
>hosted server have SSL activated. I am hosting mqtt on a local computer with
>ports forwarded, but without SSL. 
>
>Is it a combination of using rsync to a server with SSL enabled, trying to
>connect to an internet accessible local server running MQTT without SSL running
>prohibiting it from connecting? 

I get a red circle on Firefox and a yellow circle on Chromium, but it
still hangs on the socket. The error message from Firefox is SSL_ERROR_RX_RECORD_TOO_LONG
and on chromium at least it is more verbose:

| Mixed Content: The page at 'https://wx.4-7.us/' was loaded over HTTPS, but attempted to
| connect to the insecure WebSocket endpoint 'ws://108.72.231.43:9001/mqtt'. This request
| has been blocked; this endpoint must be available over WSS.

So I guess you should provide your broker via SSL. I don't use
websockets, so my knowledge is limited. But I used the normal MQTT ports
with a reverse proxy "traefik" on my homeserver over TLS. So the proxy
took care of the SSL stuff and forwarded the plain TCP port then to the
local host running mosquitto.

HTH

-dominic

--
The weak are always anxious for justice and equality.
The strong pay no heed to either.
- Aristotle

[michael.k...@gmx.at]

Dominic guessed correctly, usually browsers don't allow unecrypted connections when the page is loaded over an encrypted connection.

The combinations http/ws and http/wss should work, where https/ws shouldn't.