Mosquitto Mqtt broker
ExplainerHow ToInternet of ThingsIoT ProtocolsTutorials/DIY

Mosquitto MQTT broker | Install Broker in AWS | Setting Up

4 Comments 3 min read 



Introduction



Eclipse Mosquitto is an open-source message broker that implements the MQTT protocol (versions 3.1, 3.1.1, and 5.0). It is a lightweight yet powerful messaging solution designed for devices ranging from microcontrollers to enterprise servers. With its robust security features and scalability, Mosquitto is widely used in IoT applications.



Install Mosquitto Broker and Clients


    

  1. Log into your AWS Ubuntu Instance

    sudo apt-get update

    

    2. 

  2. Install Mosquitto broker and MQTT clients:

    sudo apt-get install mosquitto mosquitto-clients

    

    3. 

  3. Verify the installation:

    mosquitto -v

    

    4. 



Enable Remote Access



To allow connections from remote devices, modify the configuration file:



    

  1. Open the Mosquitto configuration file:

    sudo nano /etc/mosquitto/conf.d/default.conf

    

    2. 

  2. Add the following line to allow remote access on port 1883:

    listener 1883
allow_anonymous true

    

    3. 

  3. Save the file and restart Mosquitto:

    sudo systemctl restart mosquitto

    

    4. 

  4. Ensure your AWS Security Group rules open port 1883 for inbound traffic.
    5. 



Robust MQTT Broker with Auto-Restart Feature



To ensure Mosquitto restarts automatically if it crashes:



    

  1. Create a script file called mosquitto_restart.sh:

    sudo nano /home/ubuntu/mosquitto_restart.sh

    

    2. 

  2. Add the following content:

    #!/bin/bash
if [ "$(pgrep mosquitto)" == "" ]; then
    echo "Mosquitto was down. Restarting..." >> /home/ubuntu/cron.log
    sudo systemctl restart mosquitto
fi

    

    3. 

  3. Make the script executable:

    chmod +x /home/ubuntu/mosquitto_restart.sh

    

    4. 

  4. Add the script to a cron job to run every 5 minutes:

    sudo crontab -e

    

    5. 

  5. Add this line to the cron file:

    */5 * * * * /home/ubuntu/mosquitto_restart.sh

    

    6. 



Secure Mosquitto with SSL/TLS Encryption


    

  1. Install Certbot for SSL certificates:

    sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install certbot

    

    2. 

  2. Generate SSL Certificates:

    sudo certbot certonly --standalone -d mqtt.yourdomain.com

    

    3. 

  3. Configure Mosquitto for SSL:

    sudo nano /etc/mosquitto/conf.d/default.conf

    

    4. 

  4. Add the following lines:

    listener 8883
cafile /etc/letsencrypt/live/mqtt.yourdomain.com/chain.pem
certfile /etc/letsencrypt/live/mqtt.yourdomain.com/cert.pem
keyfile /etc/letsencrypt/live/mqtt.yourdomain.com/privkey.pem

    

    5. 

  5. Restart Mosquitto:

    sudo systemctl restart mosquitto

    

    6. 



Enable WebSockets for MQTT



If your web app requires WebSocket support:



    

  1. Open the Mosquitto configuration file:

    sudo nano /etc/mosquitto/conf.d/default.conf

    

    2. 

  2. Add the following lines:

    listener 8083
protocol websockets

    

    3. 

  3. Ensure port 8083 is open in your security group rules.
    4. 

  4. Restart Mosquitto:

    sudo systemctl restart mosquitto

    

    5. 



Add User Authentication for Security


    

  1. Create a password file and add a user:

    sudo mosquitto_passwd -c /etc/mosquitto/passwd <username>

    

    2. 

  2. Open the configuration file:

    sudo nano /etc/mosquitto/conf.d/default.conf

    

    3. 

  3. Add these lines:

    allow_anonymous false
password_file /etc/mosquitto/passwd

    

    4. 

  4. Restart Mosquitto:

    sudo systemctl restart mosquitto

    

    5. 



Testing Your MQTT Setup


    

  1. Subscribe to a topic:

    mosquitto_sub -h localhost -t test -u "<username>" -P "<password>"

    

    2. 

  2. Publish a message:

    mosquitto_pub -h localhost -t "test" -m "Hello World" -u "<username>" -P "<password>"

    

    3. 



Complete Configuration File for Reference


allow_anonymous false
password_file /etc/mosquitto/passwd

listener 1883

listener 8883
cafile /etc/letsencrypt/live/mqtt.yourdomain.com/chain.pem
certfile /etc/letsencrypt/live/mqtt.yourdomain.com/cert.pem
keyfile /etc/letsencrypt/live/mqtt.yourdomain.com/privkey.pem

listener 8083
protocol websockets



Conclusion



By following this updated guide, you will have a secure, robust, and efficient Mosquitto MQTT broker running on your AWS Ubuntu instance. The added security layers with SSL and password protection ensure your data remains safe, while automated scripts guarantee uptime and reliability. For large-scale IoT implementations, this setup is ideal for managing real-time messaging between multiple devices.




You may like also:




	
	


	
			

							

					
					
					
				

				
			
		

				
		
					

				
				
				
			

			

		

		
			

			
			

				

					
Harshvardhan Mishra


					
					
Hi, I'm Harshvardhan Mishra. Tech enthusiast and IT professional with a B.Tech in IT, PG Diploma in IoT from CDAC, and 6 years of industry experience. Founder of HVM Smart Solutions, blending technology for real-world solutions. As a passionate technical author, I simplify complex concepts for diverse audiences. Let's connect and explore the tech world together!  
If you want to help support me on my journey, consider sharing my articles, or  Buy me a Coffee!
Thank you for reading my blog! Happy learning!
Linkedin


					
									


				

			


			


	


		

			You May Also Like
		


		


							


											

							
								Leading Data and Web Scraping Services - Get Your Business Much Needed Data							
						

					
					

						

							
								Leading Data and Web Scraping Services – Get Your Business Much Needed Data!							
						


						

			
				0			

			
					


				

							


											

							
								Blynk tutorials							
						

					
					

						

							
								Blynk Tutorials | Blynk IoT Platform | How To use Blynk							
						


						

			
				2			

			
					


				

							


											

							
								From Vulnerable to Resilient: Evolving Cyber Tactics							
						

					
					

						

							
								From Vulnerable to Resilient: Evolving Cyber Tactics							
						


						

			
				0			

			
					


				

			
		


	


	



			

			4 thoughts on “Mosquitto MQTT broker | Install Broker in AWS | Setting Up


		
		

		
	
		

		
Leave a Reply 
Your email address will not be published. Required fields are marked *