MQTT Distributor provides a configuration section to the Ignition Gateway and this can been seen in the left side bar of the Ignition Gateway web UI.

The configuration options for each of the tabs - General and Users - are detailed below.

General

These are the global MQTT Server configuration parameters.  The configuration sections available are Main, Non-TLS Settings, TLS Settings and Advanced.

General - Main

  • Enabled
    • This denotes whether or not to enable or disable the MQTT Server functionality of MQTT Distributor

General - Non-TLS Settings

  • Enable TCP

    • This denotes whether or not to enable plain TCP connections. This is enabled by default.

  • Port
    • This is the standard TCP MQTT Server listening port.  By default it is port 1883 and is the MQTT reserved port with IANA
  • Enable Websocket
    • This denotes whether or not to enable plain Websocket connections. This is enabled by default.
  • Websocket Port
    • This is the standard Websocket listening port for the MQTT Server.  By default this is 8090

General - TLS Settings

For more details on enabling TLS for the MQTT Server see this tutorial: Configuring Secure MQTT Communication.

  • Enable TLS

    • Checkbox to enable TLS.

    • Requires that TLS Certificate has been uploaded in Ignition.

    • TLS 1.2 and TLS 1.3 are supported
  • Secure MQTT Port
    • This is the TLS enabled MQTT Server listening port if TLS is enabled.  By default it is port 8883 and is a reserved port with IANA
  • Enable Secure Websocket
    • Checkbox to enable Secure Websocket connections for MQTT Server
  • Secure Websocket Port
    • TLS enabled Websocket port for the MQTT Server.  By default this is port 9443


Prior to MQTT Distributor 4.0.30, there is a known issue where MQTT Distributor does not pick-up updates made to Ignition SSL certificates whilst SSL is enabled at MQTT Distributor. This can result in edge clients unable to connect to Distributor. 

The workaround is a module restart or configuration change save to the MQTT Distributor module after the Ignition SSL configuration changes.


MQTT Distributor 4.0.30 and newer will need to be running on Ignition 8.1.41 or newer to automatically pick-up updates made to Ignition SSL certificates when SSL is enabled at MQTT Distributor.


General - Advanced

  • Allow Anonymous MQTT Connections
    • Checkbox to enable anonymous MQTT connections. Not selected by default.
  • Custom Properties
    • Do not use unless instructed to by Cirrus Link personnel.


Users

There is a single configuration section Main available.

Users - Main

  • Username
    • The username that must be provided in the MQTT Connect packet to MQTT Server. Any client attempting an anonymous connection will be rejected. 
    • By default a user with Username admin is created
  • Password
    • The password that must be provided in the MQTT Connect packet to MQTT Server. Any client attempting an anonymous connection will be rejected. 
    • By default the admin user has a Password changeme created
  • ACLs
    • The comma separated list of Access Control Lists (ACLs) that clients connecting with this username and password are allowed to publish and subscribe on.
    • By default the admin user has an ACL of RW #



MQTT Distributor provides a configuration section to the Ignition Gateway and this can been seen in the left side bar of the Ignition Gateway web UI.

The configuration options for each of the tabs - General and Users - are detailed below.

General

These are the global MQTT Server configuration parameters.  The configuration sections available are Main, Non-TLS Settings, TLS Settings and Advanced.

General - Main

  • Enabled
    • This denotes whether or not to enable or disable the MQTT Server functionality of MQTT Distributor

General - Non-TLS Settings

  • Enable TCP

    • This denotes whether or not to enable plain TCP connections. This is enabled by default.

  • Port
    • This is the standard TCP MQTT Server listening port.  By default it is port 1883 and is the MQTT reserved port with IANA
  • Enable Websocket
    • This denotes whether or not to enable plain Websocket connections. This is enabled by default.
  • Websocket Port
    • This is the standard Websocket listening port for the MQTT Server.  By default this is 8090

General - TLS Settings

For more details on enabling TLS for the MQTT Server see this tutorial: TLS Enable MQTT Distributor.

  • Enable TLS

    • This denotes whether or not to enable TLS connections.  If TLS is used a Java Keystore file must be uploaded to secure the connection.  This is not enabled by default

  • Secure MQTT Port
    • This is the TLS enabled MQTT Server listening port if TLS is enabled.  By default it is port 8883 and is a reserved port with IANA
  • Secure Websocket Port
    • This is the TLS enabled Websocket port for the MQTT Server.  By default this is port 9443
  • Keystore Password
    • This is the Java Keystore password to use if TLS is enabled and a Java Keystore file is provided
  • Java Keystore File
    • This is the Java Keystore file that contains the server certificate and private key files

General - Advanced

  • Allow Anonymous MQTT Connections
    • Checkbox to enable anonymous MQTT connections. Not selected by default.


Users

There is a single configuration section Main available.

Users - Main

  • Username
    • The username that must be provided in the MQTT Connect packet to MQTT Server. Any client attempting an anonymous connection will be rejected. 
    • By default a user with Username admin is created
  • Password
    • The password that must be provided in the MQTT Connect packet to MQTT Server. Any client attempting an anonymous connection will be rejected. 
    • By default the admin user has a Password changeme created
  • ACLs
    • The comma separated list of Access Control Lists (ACLs) that clients connecting with this username and password are allowed to publish and subscribe on.
    • By default the admin user has an ACL of RW #



New to MQTT? Start Here!