NodeRed SparkPlug Node - TLS

Curious with the Node-Red sparkplug node how TLS for secure communications are capable. The standard MQTT Out node allows TLS configuration to the broker, but didn’t see how this works with the sparkplug node. Anyone?

I believe you can change the Sparkplug Node Server URL to ssl://<your_mqtt_server> and the Port to 8883 and it will work as you expect.

hi nathan, this would work only if the broker didn’t require certificates, I don’t believe this would work if the broker is setup to require client certificates or identity from the cert either. the mqtt node allows setting up all the required elements needed to make a secure connection but doesn’t look like the sparkplug node does the same or shares this configuration.

Updating the Node URL and Port worked for me on an MQTT server configured to secure MQTT comms with a “real-signed” SSL cert. It will not work if you’re using a “self-signed” SSL cert and also will not work if you’re attempting to use cert-based authentication.

thanks nathan, this makes sense, unfortunately for the application i’m thinking of, i’m fairly certain cert-based authentication will be required for the mqtt broker so that renders this node unusable for the application i am pondering.

I saw that you opened an issue under Tahu to address this gap. I added some details to the task and hopefully someone will pick this up at some point to add the required functionality. We’ll gladly review your PR if you or anyone else in the community want to contribute code changes to better support TLS. Thanks Ben.

thanks nathan, the only thing keeping me from adding the functionality is a day job and four kids, but i do find the time occasionally to contribute to open source ventures so will keep it in mind for sure, appreciate the conversation! :grinning_face_with_smiling_eyes:

I completely understand those constraints Ben :slight_smile: I’ll be sure to reach out if we get any traction on that Github issue.