Mosquitto で Let's Encrypt の証明書を使う

次のページを参考にしました。
Using Let’s Encrypt certificates with mosquitto

/etc/mosquitto/mosquitto.conf
に次を加えます。
example.com は変更して下さい。

listener 8883
cafile /etc/ssl/certs/DST_Root_CA_X3.pem
certfile /etc/letsencrypt/live/example.com/fullchain.pem
keyfile /etc/letsencrypt/live/example.com/privkey.pem

サーバーのリスタート

sudo systemctl restart mosquitto

サブスクライブ

go_sub.sh

mosquitto_sub -d -t orz -h example.com \
	-p 8883 --capath /etc/ssl/certs/ \
	--topic sensors/topic_1

パブリッシュ

go_pub.sh

mosquitto_pub -d -t orz -m "こんにちは Jan/23/2021" -h example.com \
	 -p 8883 --capath /etc/ssl/certs/ \
	--topic sensors/topic_1

実行時の様子

パブリッシュ

$ ./go_pub.sh 
Client mosq-jbiGkrRFKrFE5DiycV sending CONNECT
Client mosq-jbiGkrRFKrFE5DiycV received CONNACK (0)
Client mosq-jbiGkrRFKrFE5DiycV sending PUBLISH (d0, q0, r0, m1, 'sensors/topic_1', ... (27 bytes))
Client mosq-jbiGkrRFKrFE5DiycV sending DISCONNECT

サブスクライブ

$ ./go_sub.sh 
Client mosq-u0Wpvcgg46Y05Tco2C sending CONNECT
Client mosq-u0Wpvcgg46Y05Tco2C received CONNACK (0)
Client mosq-u0Wpvcgg46Y05Tco2C sending SUBSCRIBE (Mid: 1, Topic: orz, QoS: 0, Options: 0x00)
Client mosq-u0Wpvcgg46Y05Tco2C sending SUBSCRIBE (Mid: 1, Topic: sensors/topic_1, QoS: 0, Options: 0x00)
Client mosq-u0Wpvcgg46Y05Tco2C received SUBACK
Subscribed (mid: 1): 0, 0
Client mosq-u0Wpvcgg46Y05Tco2C received PUBLISH (d0, q0, r0, m0, 'sensors/topic_1', ... (27 bytes))
こんにちは Jan/23/2021

Python3 の接続例
Python3: Let's Encrypt の証明書を使ったブローカーに接続

Node.js の接続例
Node.js: Let's Encrypt の証明書を使ったブローカーに接続