MQTT - Connect to port 443


AWS IOT Core provides a very useful feature for MQTT connections in that it provides 443 as a port you can use, employing a lower level TLS technique called ALPN (Application-Layer Protocol Negotiation - Wikipedia ) to figure out the protocol being used.

This is obviously very handy when firewall rules often allow outbound to port 443 by default.

Are there plans in the MQTT modules to support this feature?

(Note: having used the feature myself from within a Java application using Paho MQTT client, I am aware that it required supplying my own SSLSocketFactory to the MQTT Client and it was only possible on Java 9+ when ALPN became an available TLS feature)


This is already supported in MQTT Transmission for Ignition7. It has not been ported to Transmission for Ignition8 yet.

That’s great! Thanks for the update. Do you think that will be ported to I8 soon?

It’s in the backlog but hasn’t been prioritized yet. I should also note that AWS IoT Core is not fully Sparkplug compliant. It can’t support primary host IDs and also doesn’t ensure in-order delivery. So, it really isn’t an ideal MQTT Server for Sparkplug applications.

I understand there are limitations in its compliance, but putting that to one side, being able to smooth the path for data ingestion into a cloud platform by removing the corporate firewall hurdle of requesting port 8883 to be opened, really is a significant time saver sometimes. I’d love to see it enabled again in v8. Thanks, John.

This has now been added to the MQTT modules in the v4.0.8 release.

Hi. Just wanted to check back in regarding AWS IOT Core. I recently noticed this post AWS IoT Core now supports MQTT retained messages which seems to address one of the major shortcomings of IOT Core MQTT compliance. I understand the issue of in-order delivery still exists. But I’m curious about the support for Primary Host IDs. Can you explain, from the perspective of MQTT 3.1.1 compliance, what that means? Does the support now for Retained Messages mean that IOT Core is now possible to use as a Sparkplug MQTT broker, albeit with some more edge case limitations?

My understanding is that IoT Core now supports retained messages as well as MQTT ‘Will Messages’ in the MQTT CONNECT packet with retained=true. This in addition to QoS1 messages (which was already supported by AWS IoT Core) are required for Primary Host ID. So, I believe that Primary Host ID should now be supported by AWS IoT Core. We’ve done some preliminary testing at Cirrus Link and things seem to work fine in this regard at this point.

As you note, the out of order message delivery is still an issue with AWS IoT Core…

This is great news. Thanks for the quick reply. I think we’ll proceed with our plans around use of Sparkplug from edge to cloud on the basis that IOT Core can be our MQTT Broker in the architecture.