MQTT Agent - Security problem while authenticating AMQ229031

dumitrug · June 13, 2024, 12:21pm

Hi,

I am trying to connect an MQTT Agent to an external broker running on the same machine.
I can successfully connect to the broker using the MQTT Explorer application with the same username and password I use inside OR Agent.
However, I get the following error in the logs:

2024-06-13 14:16:35.048  INFO    [Scheduled task-4              ] ocol.mqtt.AbstractMQTT_IOClient.PROTOCOL : Client 'mqtt://localhost:1883/?clientId=iot_or' connection status changed: WAITING

2024-06-13 14:16:39.359  WARN    [Thread-2 (ActiveMQ-serve..883)] TenantClientCredentialsGrantsLoginModule : Unable to resolve keycloak deployment

2024-06-13 14:16:39.359  WARNING [Thread-2 (ActiveMQ-serve..883)] org.apache.activemq.artemis.core.server  : AMQ222216: Security problem while authenticating: AMQ229031: Unable to validate user from /127.0.0.1:60808. Username: mqtt-test; SSL certificate subject DN: unavailable

2024-06-13 14:16:39.360  INFO    [com.hivemq.client.mqtt-2-21   ] ocol.mqtt.AbstractMQTT_IOClient.PROTOCOL : Connection rejected by the broker 'mqtt://localhost:1883/?clientId=iot_or': reasonCode=NOT_AUTHORIZED, initiator=SERVER

2024-06-13 14:16:39.360  INFO    [Scheduled task-5              ] ocol.mqtt.AbstractMQTT_IOClient.PROTOCOL : Client 'mqtt://localhost:1883/?clientId=iot_or' connection status changed: WAITING

Can anyone tell me what I am missing? Is there something I need to do on the broker side?

dumitrug · June 13, 2024, 12:24pm

dumitrug · June 13, 2024, 1:26pm

Given the configuration below, is it possible that the OR MQTT Agent is trying to connect to the broker inside the container and not the one on the machine? My broker RabbitMQ on the machine is using the standard ports.

 docker ps -a
CONTAINER ID   IMAGE                          COMMAND                  CREATED        STATUS                    PORTS                                                                                                                                                 NAMES
37cb27eda472   openremote/proxy:latest        "/entrypoint.sh run"     5 hours ago    Up 5 hours (healthy)      127.0.0.1:8404->8404/tcp, 0.0.0.0:8883->8883/tcp, :::8883->8883/tcp, 0.0.0.0:8088->80/tcp, :::8088->80/tcp, 0.0.0.0:8443->443/tcp, :::8443->443/tcp   openremote-proxy-1
1bbf3f2e1509   openremote/manager:latest      "/bin/sh -c 'java $O…"   5 hours ago    Up 5 hours (healthy)      1883/tcp, 8080/tcp, 8443/tcp, 127.0.0.1:8405->8405/tcp                                                                                                openremote-manager-1
fb15959b78ba   openremote/keycloak:latest     "/bin/sh -c '/opt/ke…"   5 hours ago    Up 5 hours (healthy)      8080/tcp, 8443/tcp                                                                                                                                    openremote-keycloak-1
b5b17f98a58c   openremote/postgresql:latest   "/or-entrypoint.sh p…"   5 hours ago    Up 5 hours (healthy)      8008/tcp, 8081/tcp, 0.0.0.0:2345->5432/tcp, :::2345->5432/tcp

system · July 13, 2024, 1:26pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.