docker-vernemq: Can't reconfigure mqtts listener

Hi, I’m trying to set up a mqtts listener, I’ve added the mqtts.enabled=true in the values, as well as the secretMount with the certificates (it seemed that it didn’t work by adding directly the “certificates.{certs,ca,key}” as documented in the README), and when I look at logs I see this:

16:56:01.241 [error] can't reconfigure mqtts listener({127,0,0,1}, 1883) with Options [{max_connections,10000},{nr_of_acceptors,10},{mountpoint,[]},{cafile,"/etc/ssl/vernemq/ca.crt"},{depth,1},{certfile,"/etc/ssl/vernemq/tls.crt"},{eccs,[secp521r1,brainpoolP512r1,brainpoolP384r1,secp384r1,brainpoolP256r1,secp256k1,secp256r1,secp224k1,secp224r1,secp192k1,secp192r1,secp160k1,secp160r1,secp160r2]},{keyfile,"/etc/ssl/vernemq/tls.key"},{require_certificate,false},{tls_version,'tlsv1.2'},{use_identity_as_username,false},{allowed_protocol_versions,[3,4,131]},{allow_anonymous_override,false}] due to {already_started,<0.458.0>}

and trying to send data on MQTT on port 8883 fails with an error (although it works fine for 1883)

is there something I should configure?

About this issue

  • Original URL
  • State: open
  • Created a year ago
  • Reactions: 1
  • Comments: 57 (20 by maintainers)

Most upvoted comments

Okay, got it working, I’ll document the minimal changes that are required

+1
maelp on Feb 27, 2023 
08:14:21.018 [error] can't reconfigure mqtts listener({127,0,0,1}, 1883) with Options [{max_connections,10000},{nr_of_acceptors,10},{mountpoint,[]},{cafile,"/etc/ssl/vernemq/..data/ca.crt"},{depth,1},{certfile,"/etc/ssl/vernemq/tls.crt"},{eccs,[secp521r1,brainpoolP512r1,brainpoolP384r1,secp384r1,brainpoolP256r1,secp256k1,secp256r1,secp224k1,secp224r1,secp192k1,secp192r1,secp160k1,secp160r1,secp160r2]},{keyfile,"/etc/ssl/vernemq/tls.key"},{require_certificate,true},{tls_version,'tlsv1.2'},{use_identity_as_username,true},{allowed_protocol_versions,[3,4,131]},{allow_anonymous_override,false}] due to {already_started,<0.460.0>}
08:16:23.322 [warning] session stopped abnormally due to '{cant_parse_connect_fixed_header,<<22,3,3,0,240,1,0,0,236,3,3,207,93,101,109,171,15,73,140,246,37,247,70,91,86,25,191,97,71,59,244,209,226,97,191,153,221,242,36,107,217,30,127,0,0,18,192,44,192,43,192,47,192,48,192,19,192,20,0,156,0,47,0,53,1,0,0,177,0,0,0,25,0,23,0,0,20,119,101,98,45,97,112,112,45,49,46,103,111,117,97,99,104,46,99,111,109,0,5,0,5,1,0,0,0,0,0,10,0,12,0,10,0,29,0,23,0,24,0,25,0,30,0,11,0,2,1,0,0,13,0,40,0,38,4,3,5,3,6,3,8,4,8,5,8,6,8,9,8,10,8,11,4,1,5,1,6,1,4,2,3,3,3,1,3,2,2,3,2,1,2,2,0,50,0,40,0,38,4,3,5,3,6,3,8,4,8,5,8,6,8,9,8,10,8,11,4,1,5,1,6,1,4,2,3,3,3,1,3,2,2,3,2,1,2,2,0,17,0,9,0,7,2,0,4,0,0,0,0,0,23,0,0,0,43,0,3,2,3,3,255,1,0,1,0>>}'
+1
maelp on Feb 27, 2023

@ioolkos I tried adding the variables you sent above, now I have those logs

17:26:37.432 [error] can't reconfigure mqtt listener({127,0,0,1}, 1883) with Options [{max_connections,10000},{nr_of_acceptors,10},{mountpoint,[]},{proxy_protocol,false},{allowed_protocol_versions,[3,4,5,131]},{allow_anonymous_override,false}] due to {already_started,<0.435.0>}
17:26:37.514 [error] can't reconfigure mqtts listener({127,0,0,1}, 1883) with Options [{max_connections,10000},{nr_of_acceptors,10},{mountpoint,[]},{cafile,"/etc/ssl/vernemq/ca.crt"},{depth,1},{certfile,"/etc/ssl/vernemq/tls.crt"},{eccs,[secp521r1,brainpoolP512r1,brainpoolP384r1,secp384r1,brainpoolP256r1,secp256k1,secp256r1,secp224k1,secp224r1,secp192k1,secp192r1,secp160k1,secp160r1,secp160r2]},{keyfile,"/etc/ssl/vernemq/tls.key"},{require_certificate,false},{tls_version,'tlsv1.2'},{use_identity_as_username,false},{allowed_protocol_versions,[3,4,131]},{allow_anonymous_override,false}] due to {already_started,<0.435.0>}
+1
maelp on Feb 23, 2023
Read more comments on GitHub
← vanilla-lazyload: v19.0.0 build error with Hugo
docker-vernemq: New version 1.12.1 results in /lib/env.sh: No such file or directory →