Ignition SSL/TLS 8883

First post. Be kind, please.

I’m trying to secure a connection using your Mosquitto Broker and OpenSSL solution on Ignition installed on three Windows Server 2019 VMs in my test environment. I had it working in one scenario, but when I tried to mirror our customer’s infrastructure, I am lost.

Here is the setup: Using Ignition 8.1.20 with v 4.11 modules for MQTT. The system is connected and passing messages on port 1883. Three servers (Win 2019)

  1. Mosquitto Engine Points to the Distributor and shows Connected
  2. Mosquitto Distributor
  3. Mosquitto Transmitter - Points to Distributor for 1883 connection. Using Sample Tags and they are passing

Initially, I tried installing the Broker and creating the certs on the Engine server. Then copied the certs to the Distributor and the Transmitter. I could not make a connection. I updated the .CONF on the Engine for listener port 8883 and pointed it to the certs. No luck.

Now my thought is to install the Broker on the Distributor server and create the certs using OpenSSL on this server and put the created certs on the Engine and the Transmitter. Or do I install the Broker on the Engine AND the Distributor? OR all three servers in this environment.

If anyone can help me to get this to work and help me document the process, I’m happy to pay a consulting fee.


Have you been through this? Secure MQTT Communication using SSL or TLS - MQTT Modules for Ignition 8.x - Confluence

Hi Wes,

I have. I feel like a moron with this. I’m a skilled IT guy, but this cert issue is driving me nuts.

If you know the process and can do a Teams, I’ll Zelle you a consulting fee. I’ve spent too much time on this and the Ignition tech support has been good, but not great at assisting.


Go ahead and open a support ticket at support@cirrus-link.com. They’ll get you set up. Also, I’d highly recommend upgrading to 4.0.17 of the modules. The compatibility page is here: Ignition Compatibility with Cirrus Link Modules - MQTT Modules for Ignition 8.x - Confluence. 4.0.11 is quite old at this point and lots of fixes have been made in subsequent versions.