I would like to connect my Thingworx platform 7.2 with a MQTT broker in a secure mode SSL TLS.
I’m using ActiveMQ 5.3 as MQTT broker and MQTT Thingworx extension as connector.
I successfully tested the connection without SSL mode.
However, I could not implement secure mode connection.
→ I have made two changes to activemq.xml file.
a) Instead of line
<transportConnector name="mqtt" uri="mqtt://0.0.0.0:1883?maximumConnections=1000&wireFormat.maxFrameSize=104857600"/>,
<transportConnector name="mqtt+nio+ssl" uri="mqtt+nio+ssl://0.0.0.0:8883?maximumConnections=1000&wireFormat.maxFrameSize=104857600"/>
b) I added
- Activemq.ks is a keystore containing the certificate I generated for the broker.
- Activemq.ts is a keystore containing the certificate I generated for the broker clients.
→ I tested Activemq server with MQTT.fx client tool. I could connect in SSL/TLS mode, with TLSv2 protocol option and CA certificate keystore option, by importing the certificate broker client I made in keystore for MQTT.
1) Is my ActiveMQ configuration proper?
2) Where should I put the broker client certificate in Thingworx side?
3) Perhaps the MQTT Thingworx extension uses Tomcat to communicate to ActiveMQ broker? Following this assumption I modified the server.xml file of Tomcat configuration.
Below there is one of my unsuccessful tests:
a) I added this connector
Tomcat.ks is a keystore containing the certificate I generated for the broker clients.
Tomcat.ts is a keystore containing the certificate I generated for the broker.
I removed this line
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
4) Instead of MQTT Thingworx extension, it is possible to use ActiveMQ extension for a secure SSL/TLS connection throw ActiveMQ?
Thank you for your attention.