MQTT broker with Secure WebSocket using Traefik, Docker Compose and Let’s Encrypt

Suru Dissanaike
Published in HiMinds
Apr 17, 2021


Photo by Tanguy Sauvin on Unsplash

Thank you for all the kind words about the articles "MQTT broker with secure (TLS) communication on Ubuntu 18.04 LTS and an ESP32 MQTT client" and "Secure MQTT broker (TLS) and Docker Compose".

In this article we again deploy Mosquitto using Docker Compose, but this time we also use Traefik as a reverse proxy and Let’s Encrypt to get our certificates.

This is our folder structure:

├── config
│   ├── mosquitto.password
│   └── mosquitto.conf
└── docker-compose.yml

We will create a Secure WebSocket (WSS) endpoint on port 443 and keep port 1883 for unencrypted MQTT traffic. The unencrypted port is there to simplify testing: it lets us use the handy tools mosquitto_pub and mosquitto_sub (which do not support WebSockets).
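One way to wire up the layout described above, as an added example and not the author's own docker-compose.yml. The hostname mqtt.example.com, the e-mail address, the image tags, the resolver name le, the internal WebSocket port 9001 and the loopback-only binding of port 1883 are all assumptions.

```yaml
# docker-compose.yml (added example; hostname, e-mail, image tags and names are assumptions)
# config/mosquitto.conf is assumed to contain:
#   allow_anonymous false
#   password_file /mosquitto/config/mosquitto.password
#   listener 1883
#   listener 9001
#   protocol websockets
services:
  traefik:
    image: traefik:v2.11
    command:
      - --providers.docker=true
      - --providers.docker.exposedbydefault=false   # only route labelled containers
      - --entrypoints.websecure.address=:443
      - --certificatesresolvers.le.acme.tlschallenge=true
      - --certificatesresolvers.le.acme.email=admin@example.com
      - --certificatesresolvers.le.acme.storage=/letsencrypt/acme.json
    ports:
      - "443:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./letsencrypt:/letsencrypt                  # persists the ACME account and certificates
    restart: unless-stopped

  mosquitto:
    image: eclipse-mosquitto:2
    volumes:
      - ./config/mosquitto.conf:/mosquitto/config/mosquitto.conf:ro
      - ./config/mosquitto.password:/mosquitto/config/mosquitto.password:ro
    ports:
      # Plain MQTT for mosquitto_pub/mosquitto_sub tests. Username and password
      # cross this port in cleartext, so it is published on loopback only.
      - "127.0.0.1:1883:1883"
    labels:
      - "traefik.enable=true"
      # WSS: Traefik terminates TLS on 443 and forwards plain WebSocket to 9001.
      - "traefik.http.routers.mqtt-wss.rule=Host(`mqtt.example.com`)"
      - "traefik.http.routers.mqtt-wss.entrypoints=websecure"
      - "traefik.http.routers.mqtt-wss.tls.certresolver=le"
      - "traefik.http.services.mqtt-wss.loadbalancer.server.port=9001"
    restart: unless-stopped
```

The WebSocket listener on 9001 is never published on the host; browsers reach it only through Traefik on 443, where the Let’s Encrypt certificate is presented.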

Why do you need a Secure WebSocket?

If you are working on a Progressive Web App (PWA), you need it: the PWA only allows HTTPS or WSS connections.

Mosquitto

In my example, I want to log in using a username and password. These are stored in the mosquitto.password file.

  • Username: himinds
