To successfully migrate to an MQTT cloud, it is imperative that all certificate keys are migrated and the DNS is updated to the new server. Thereafter, execute the commands mentioned below to ensure a smooth transition.
- First, create a Linux virtual machine.
- After logging into the new virtual machine.
- Install Mqtt command :
sudo apt update
sudo apt-get install mosquitto mosquitto-clients
- Check whether the Mqtt service is running or not using this command
sudo systemctl status mosquitto
# command1
Loaded: loaded (/lib/systemd/system/mosquitto.service; enabled; vendor preset: enabled)
Active: active (running) since *******–**–** **:**:** UTC; **h ago
Docs: man:mosquitto.conf(5)
man:mosquitto(8)
…….. …….. ……..
…… ……
If your terminal appears like this, then you're all set!
Also, you can check using this command
mosquitto_sub -h localhost -t test # command1
# terminal1
Open another terminal and paste this command
mosquitto_pub -h localhost -t "test" -m "hello world" # command2
# terminal2
# Output in terminal1
mosquitto_sub -h localhost -t test # command1
hello world
Now you can configure the domain name
- Go to your domain hosting service and update the domain 'mqtt.yourdomainname.com' or whatever format you have.
- To complete the process, you need to add the 'A' record along with the public IP address of your new virtual machine.
After setting up the DNS, wait for the TTL seconds that you have specified before. This is because your computer may cache the domain's DNS.
Now you run the command.
mosquitto_pub -h mqtt.yourdomainname.com -t "test" -m "hello world from mylocalhost" # command3
# run on local terminal this command
# Output in terminal1
mosquitto_sub -h localhost -t test # command1
hello world
# after run command3
hello world from mylocalhost
Set username password for Mqtt login
sudo mosquitto_passwd -c /etc/mosquitto/passwd username # used own username > write password > rewrite password > enter
Add into "/etc/mosquitto/mosquitto.conf"
sudo nano /etc/mosquitto/mosquitto.conf
And paste this into this file
.... ....
........
listener 1883
allow_anonymous false
password_file /etc/mosquitto/passwd
Now try these commands
mosquitto_sub -h localhost -t test -u "username" -P "password"
# terminal4
# Open another terminal and paste this command
mosquitto_pub -h localhost -t "test" -m "hello world with password" -u "username" -P "password"
# terminal5
# Output in terminal4
mosquitto_sub -h localhost -t test -u "username" -P "password"
hello world with password
Now try from the local machine
# open local machine terminal
mosquitto_pub -h mqtt.yourdomainname.com -t "test" -m "hello world with password from localmachine" -u "username" -P "password"
# terminal6
# Output in terminal4
mosquitto_sub -h localhost -t test -u "username" -P "password"
hello world with password
hello world with password from localmachine
If any error occurs reinstall and redo the process. If not, continue…
After that, We open the old VM and copy all encryption keys.
cd path/to/encription/key #replace path/to/encription/key your ssl encription key path
# like ex-> ' /etc/ssl/certs/'
ls
# output look like ca.crt ca.csr ca.key ca.srl server.crt server.csr server.key
# Copy all file and save in local machine
cat ca.crt
-----BEGIN CERTIFICATE-----
....................................
.....................................
..................................
-----END CERTIFICATE-----
cat ca.csr
-----BEGIN CERTIFICATE-----
..................................
...........................
............
......................
...........................
........
# like that copy all the file one by one in local machine
Now you can log in to the new VM and run these commands
cd /etc/mosquitto/
mkdir key
cd key
# start creating file
sudo nano ca.crt # after run paste file content from local machine. crtl + x > Y > enter
sudo nano ca.csr # after run paste file content from local machine. crtl + x > Y > enter
sudo nano ca.key # after run paste file content from local machine. crtl + x > Y > enter
sudo nano ca.srl # after run paste file content from local machine. crtl + x > Y > enter
sudo nano server.crt # after run paste file content from local machine. crtl + x > Y > enter
sudo nano server.csr # after run paste file content from local machine. crtl + x > Y > enter
sudo nano server.key # after run paste file content from local machine. crtl + x > Y > enter
Now run command
chmod 644 . # set all file rw-rw-r--
chmod 600 ca.key # set this file rw-------
chmod 600 server.key # set this file rw-------
sudo chown mosquitto:mosquitto /etc/mosquitto/key/server.key
# it's here for, server.key only use by mosquitto service.
# so I did that. If you have anthore configuration use other chmod command.
After that open "/etc/mosquitto/mosquitto.conf"
sudo nano /etc/mosquitto/mosquitto.conf
And paste this into this file
.... ....
........
listener 8883
allow_anonymous false
password_file /etc/mosquitto/passwd
cafile /etc/mosquitto/key/ca.crt
certfile /etc/mosquitto/key/server.crt
keyfile /etc/mosquitto/key/server.key
tls_version tlsv1.2 # and write other version of ssl you want add.
# now save it. crtl + x > Y > enter
sudo systemctl restart mosquitto
If your Mosquitto service runs successfully then well done.
Now run these commands on the local machine
cd /path/to/ # write file path for local machine's ca.crt file
mosquitto_sub -h mqtt.yourdomainname.com -p 8883 --cafile "ca.crt" -t test -u "username" -P "password"
# open another terminal on local machine
cd /path/to/ # write file path for local machine's ca.crt file
mosquitto_pub -h mqtt.yourdomainname.com -p 8883 --cafile "ca.crt" -t test -m "Hello from local to another local" -u "username" -P "password"
# if the command run successfully! Then the server is production ready.
If you get any errors. Open /var/log/mosquitto/mosquitto.log, It gives error details.
Top comments (0)