Skip to content

MQTT Advanced Options

tsightler edited this page Jun 6, 2022 · 4 revisions

In addition to the mqtt_url option, which provides the basic information needed to connect to the MQTT broker, including full support for TLS encrypted connections, there is an advanced setting mqtt_options that accepts a comma separated list of options that will be parsed and passed to the MQTT.js client library as a JSON options object. These options can be used for advanced scenarios such as the use of self-signed certificates or for certificate based authentication. Below are some of the most commonly used advanced options:

Option Description
rejectUnauthorized Set to 'false" to enable TLS connections to MQTT servers using self-signed certificates (default: true)
ca Path to PEM encoded certificate file to override default trusted CA certificates (default: OS provided trusted CAs)
cert Path to PEM encoded certificate chain file (default: none)
key Path to PEM encoded private key file (default: none)
passphrase String used to decode encrypted private key file (default: none)
clientId String used to identify the client to the broker, mostly for logging purposes, default: 'mqttjs_' + Math.random().toString(16).substr(2, 8)

Other options should be possible but have not been widely tested. To use these simply combine the required parameters into a comma separate list of options like the following example:

--rejectUnauthorized=false,--ca=/path/to/ca.pem,--cert=/path/to/cert.pem,--key=/path/to/private.key,--passphase='my_private_key_password'

Boolean string values will be converted to proper booleans, and options which require paths to a file will be parsed and the file contents read into a buffer object prior to passing the values to MQTT.js.