Username and password authentication to remote broker

[bruniii]

I'm sorry to use this "issues" section for something that's more asking for help, and perhaps it's even a stupid question. If there is any other way to get help without opening a fake issue here, please let me know.

I need to use a username/password to connect the LabVIEW MQTT client to a remote broker; no SSL/TLS autentication, only the credentials. I cannot find any input variables of any VIs in you libraries (MQTT Client, Connection, TCP Connection, MQTT Secured TCP Connection, Websockets Connection) that looks like a username/password.

Can you help me? am I missing the right vi/class?

Thank you!
Marco.

[francois-normandin]

@bruniii you can specify the username and password as part of the Connect method. That is where you add the username, password, will topic and messages... Along with the session flags.

(And this is the right place to ask those questions... When one person asks, ten others will find the answer here in the future and won't need to ask) 🙂

[francois-normandin]

For completeness, here is the node in the MQTT palette.

[bruniii]

Thank you! Now it's working. Also, to any future reader: remember to change to True the respective booleans in the "Connect flags" variable of the same VI "Connect to server"

[bruniii]

Now that the authentication Username/Password is working I had to move to the production environment where a MQTTS broker is running and both Username/password and SSL/TLS 1.2 with a certificate have to be used.

I received a ".pfx" certificate file. The IP address and Username/password are the same as the test broker, where I used the TCP connection class.

Below the diagram based on your example for a MQTT client, where I'm using the Secured TCP connection class instead. "Ready for SSL" is true but after "Connect to Server.vi" I'm getting Error 01 "Add Trusted Certificate To TLS Configuration in Connection.TCP-TLS.lvclass:onConnection.vi".

Also, I'm afraid I don't know the correct Hostname input; I've just asked for more information to the maintainer of the MQTTS broker.

Could you help me (AGAIN) with these limited information?

EDIT: they just send me also the ".crt" file. Using this I get the error -715056 "Start TLS in Connection.TCP-TLS.lvclass:onConnection.vi:590001->MQTT_Connection.lvlib:Connection.lvclass:Connect.vi:3060003->MQTT Client.lvlib:Client.lvclass:Connect to Server.vi:7180002"

These are the settings that I'm using with MQTT.fx to successfully connect to the MQTTs broker, together with the .crt file.

Thank you,
Marco.

[francois-normandin]

The domain is determined by the server's certificate. It cannot be an IP address, so it usually looks like "www.my-domain.com" or something of the sort. It is the domain where the certificate is valid (you cannot reuse the same certificate on a different server, so you can be certain, as a client, that the certificate you have will identify the server you are targeting).

The pfx file will not work. It is a format that includes both the certificate and the private key(s), so you must extract the raw certificate from there. The certificate is usually a .cer or. crt file. The private key is usually saved as a .pem or a .key file, and should be kept secret. You would use the key/pem only if LabVIEW is the broker.

This resource might be helpful:
https://www.ibm.com/docs/en/arl/9.7?topic=certification-extracting-certificate-keys-from-pfx-file

There is more, if you need to identify yourself with the server through mutual TLS, then the client must use a private key and the server must have installed the client certificate, but in this case, I think you need only the server's certificate to establish communication.

Maybe this can help:
https://youtu.be/2-OJ-U6eTmE

It contains the broker part and how to create self signed certificates, so you can skip those parts...