I would like to connect to an MQTT broker from Ignition using the MQTT Engine. I have the server certificate, and TLS is enabled. I am using port 8883. I also enabled TLS under the MQTT Distributor settings.
I uploaded my CA certificate, but I have not had any success.
I believe the certificate names are only for certificate based authentication as I'm using TS without this just fine. Maybe try turning off host name verification and see if that solves anything. Are you using a self signed certificate on the server side or a trusted certificate from a trusted CA?
I tested this in MQTT Explorer by applying the client cert as the ‘Server Certificate (CA)’ certificate, enabling TLS, and changing the port to 8883. This connection works and I can verify from the broker that it is connected using TLS. I also tested connecting with openssl s_client with that same certificate, and it was also able to connect.
When I apply this same certificate to my MQTT Engine module as the ‘CA Certificate File’ and change the URL to use ssl://[my hostname]:8883, It shows status as not connected.
I also tried to uncheck Hostname Verification but no luck.
I am using self-Signed certificate because I do not use and do not have client key or Client certificate to connect.
I’m running into the same issue with MQTT Transmitter. It doesn’t seem to provide an option to disable certificate validation outright—only to ignore hostnames. I also added the MQTT server certificate to my Ignition server’s trusted certificates as described in the official documentation, but so far, nothing has worked.
Could someone please offer some guidance on how to properly add self-signed certificates as trusted on the Ignition server? Any help would be greatly appreciated.
You need to reach out to Cirrus Link for support. Definitely update this thread if you find a solution, but MQTT Transmission is a 3rd party module.
