Pass data between local & remote sites

Hi Craig, no not yet. Family life has taken over at the moment, so I haven't had much free time to revisit this (or any other!) thread.
...hopefully, I will shortly...

Its ridiculously easy - you will not need to devote much time to it

The advantage of using Websockets is the fact that is uses HTTP for initial connection setup. So you can easily use a reverse proxy webserver (nginx, Apache, ...) as front-end service. Those are well-tested and hardened solutions, so no need to expose the Mosquitto to the public itself. TLS setup can be done in the reverse proxy server, the connection to the Mosquitto can remain unencrypted if it runs on the same host.

Plus, you can use standard ports (443 for https), useful when you try to access the service through web proxies, e.g. in corporate environments.

2 Likes

Well I got there in the end!!
TLS secure MQTT connection to another webserver, and all local network MQTT traffic not encrypted, so that I can easily connect to local sensors etc.
It was surprisingly simple (but only when you know how :woozy_face:)

If there's any interest, I'll write-up the process.

4 Likes

I'd like to read it even if it is just to expand my knowledge.

Definitely interested. I've failed to get secure MQTT working several times :frowning:

Done, I hope it makes sense!

https://discourse.nodered.org/t/mqtt-tls-encryption-example/

1 Like