It is only possible to connect KPN Things to your MQTT broker using an encrypted connection!
The following parameters are available to connect an MQTT broker:
The name of the destination
Description of the destination
Endpoint of my server
The host name of the MQTT broker
The port on which the MQTT broker allows encrypted connections
The username for KPN Things to connect to the broker
The password for KPN Things to connect to the broker
MQTT Client ID for KPN Things to connect to the broker
The topic structure describing how KPN Things should publish data. There are several placeholders available:
The MQTT Quality of Service desired for the connection to your broker.
Timeout for sending a message and handling QoS in milliseconds
*) required value †) secret value, can only be written
- Open an encrypted client connection to your MQTT broker.
- Publish all forwarded IoT data in SenML JSON format on topics following the specified topic template.
We do not support self-signed certificates. Your TLS/SSL certificate should be signed by a root certificate authority (CA) that is trusted by the default Java trust store. You can use the SSL Server Test from Qualys to check if your certificate is trusted by the Java trust store:
The result of the SSL Server Test indicating the certificate is trusted by Java.
Your server should preferably use TLSv1.2 or higher, but at least TLSv1.1. Older protocols are not supported because they are not considered safe.
Are you new to MQTT, but still interested in using it? HiveMQ has published some very nice articles about MQTT essentials:
You can find a publicly available Mosquitto MQTT server/broker on https://test.mosquitto.org. This allows you to try to connect KPN Things to an MQTT broker. Do not use this public MQTT broker for production!