Hi
I am currently building ESP8266 & Adafruit IO based home automation system using MQTT & by far it is working as expected.The ESP8266 is programmed using Arduino IDE.
The main concern here is,how secure the whole MQTT system is?I mean what is the maximum vulnerability of the system as well as the private side network without any security implemented(SSL/TLS etc)??
Also,i would like to know,what is the approprate way to secure the system?
security is obtained over TLS using reserved port 8883
but TLS tends to incur high cpu usage on broker side , network overhead(higher bandwidth)
Also,i would like to know,what is the approprate way to secure the system?
Secure the system against what? you get it very secure if you pull the network plug. I hope you see that you need to specify what your system is expected to do and what risks you're trying to mitigate.
Using TLS you get an encrypted communication, nothing less but also nothing more.
The MQTT system is just a message broker. If you operate your own server (in a home automation system almost mandatory) you don't need TLS (given that the network itself is a basic level of security).
Hi
my arduino client can't connect to the public broker test.mosquitto.com.
The Serial Monitor output is: Connecting to MQTT... failed state : -2
Here is the code, where is the problem? :
#include <PubSubClient.h>
#include <Ethernet.h>
#include <SPI.h>
byte mac[] = {0xDE, 0xAD, 0xBE, 0xEF, 0xFE, 0x01};
const char* mqttServer = "test.mosquitto.com";
const int mqttPort = 1883;
EthernetClient ethClient;
PubSubClient mqttClient(ethClient);
void setup_Ethernet(){
// start the Ethernet connection:
Serial.println("Initialize Ethernet with DHCP:");
if (Ethernet.begin(mac) == 0) {
Serial.println("Failed to configure Ethernet using DHCP");
if (Ethernet.hardwareStatus() == EthernetNoHardware) {
Serial.println("Ethernet shield was not found. Sorry, can't run without hardware. :(");
} else if (Ethernet.linkStatus() == LinkOFF) {
Serial.println("Ethernet cable is not connected.");
}
//delay to let Etnernet shield initialize
delay(1000);
}
//connection succesful
Serial.println("Connection Successful");
Serial.println("--------------------");
}
void callback(char* topic, byte* payload, unsigned int length)
{
Serial.print("Messageved in topic: ");
Serial.println(topic);
Serial.print("Message :");
for(int i = 0; i < length; i++) {
Serial.print((char)payload*);*
- }*
- Serial.println();*
}
void setup() { - Serial.begin(9600);*
- setup_Ethernet();*
- mqttClient.setServer(mqttServer,mqttPort);*
- mqttClient.setCallback(callback);*
- while(!mqttClient.connected()) {*
- Serial.println("Connecting to MQTT...");*
- if (mqttClient.connect("arduinoClient")) {*
- Serial.println("connected");*
- }else{*
- Serial.print("failed state : ");*
- Serial.println(mqttClient.state());*
- delay(2000);*
- }*
- }*
- mqttClient.publish("test/arduino","Hello Arduino world");*
- mqttClient.subscribe("test/arduino");*
}
void loop()
{ - mqttClient.loop();*
}
Neither MQTT nor C++ like italics
Please don't hijack unrelated threads.
How secure is Adafruit MQTT
Why not ask that question in adafruit's forum?