ShZnd

Reputation: 79

Mosquitto broker and TLS configuration

I am trying to configure the MQTT Mosquitto broker with TLS. After following the mosquitto manual, I've edited the mosquitto.conf as below:

# Place your local configuration in /etc/mosquitto/conf.d/
#
# A full description of the configuration file is at
# /usr/share/doc/mosquitto/examples/mosquitto.conf.example

pid_file /run/mosquitto/mosquitto.pid
persistence true
persistence_location /var/lib/mosquitto/
log_dest file /var/log/mosquitto/mosquitto.log
include_dir /etc/mosquitto/conf.d

listener  8883

cafile /home/openest/certs/ca/ca.crt
certfile /home/openest/certs/broker/broker.crt
keyfile /home/openest/certs/broker/broker.key
require_certificate true

The problem is that when I restart the mosquitto broker, I get this error:

Job for mosquitto.service failed because the control process exited with error code.
See "systemctl status mosquitto.service" and "journalctl -xe" for details.

This is the output when I run systemctl status mosquitto.service

● mosquitto.service - Mosquitto MQTT Broker
     Loaded: loaded (/lib/systemd/system/mosquitto.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Mon 2022-04-11 15:25:56 CEST; 1min 22s ago
       Docs: man:mosquitto.conf(5)
             man:mosquitto(8)
    Process: 2384 ExecStartPre=/bin/mkdir -m 740 -p /var/log/mosquitto (code=exited, status=0/SUCCESS)
    Process: 2385 ExecStartPre=/bin/chown mosquitto /var/log/mosquitto (code=exited, status=0/SUCCESS)
    Process: 2386 ExecStartPre=/bin/mkdir -m 740 -p /run/mosquitto (code=exited, status=0/SUCCESS)
    Process: 2387 ExecStartPre=/bin/chown mosquitto /run/mosquitto (code=exited, status=0/SUCCESS)
    Process: 2388 ExecStart=/usr/sbin/mosquitto -c /etc/mosquitto/mosquitto.conf (code=exited, status=1/FAILURE)
   Main PID: 2388 (code=exited, status=1/FAILURE)
        CPU: 6ms

This is the output of journalctl -xe

░░ Support: https://www.debian.org/support
░░
░░ A start job for unit mosquitto.service has finished with a failure.
░░
░░ The job identifier is 4473 and the job result is failed.
Apr 12 10:15:12 debian systemd[1]: mosquitto.service: Scheduled restart job, restart counter is at 5.
░░ Subject: Automatic restarting of a unit has been scheduled
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ Automatic restarting of the unit mosquitto.service has been scheduled, as the result for
░░ the configured Restart= setting for the unit.
Apr 12 10:15:12 debian systemd[1]: Stopped Mosquitto MQTT Broker.
░░ Subject: A stop job for unit mosquitto.service has finished
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ A stop job for unit mosquitto.service has finished.
░░
░░ The job identifier is 4545 and the job result is done.
Apr 12 10:15:12 debian systemd[1]: mosquitto.service: Start request repeated too quickly.
Apr 12 10:15:12 debian systemd[1]: mosquitto.service: Failed with result 'exit-code'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ The unit mosquitto.service has entered the 'failed' state with result 'exit-code'.
Apr 12 10:15:12 debian systemd[1]: Failed to start Mosquitto MQTT Broker.
░░ Subject: A start job for unit mosquitto.service has failed
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ A start job for unit mosquitto.service has finished with a failure.
░░
░░ The job identifier is 4545 and the job result is failed.
Apr 12 10:15:22 debian sudo[3055]:   chaima : TTY=pts/1 ; PWD=/home/chaima ; USER=root ; COMMAND=/usr/bin/journalctl -xe
Apr 12 10:15:22 debian sudo[3055]: pam_unix(sudo:session): session opened for user root(uid=0) by chaima(uid=1000)

Note that I've also opened up port 8883 in the firewall by running:

sudo ufw allow 8883
Rules updated
Rules updated (v6)

Do you have any idea how I can fix this error? Thank you in advance.

Upvotes: 0

Views: 6212

Answers (1)

hardillb

Reputation: 59866

OK, we are not getting what we need from the sudo journalctl -xe (most likely because not enough scrollback has been presented to show the first failure).

The most likely reason is that the mosquitto user does not have access to the cert/keys you have configured.

Move these files to /etc/mosquitto and make sure the files are owned by the mosquitto user.

Upvotes: 1
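To confirm the answer's diagnosis before moving anything, the following script (an added example, not part of the question or answer) reads the cafile/certfile/keyfile paths out of a mosquitto.conf and checks whether the service user could open them, walking up every parent directory as well, since a 0700 home directory such as /home/openest blocks the mosquitto user even when the file itself is readable. It assumes GNU stat (as on Debian), that the service account is named mosquitto, and that files are judged by their owner/group/other bits only (root bypasses those bits).

```shell
#!/bin/sh
# has_bit USER PATH BIT -> 0 if USER's applicable rwx digit of PATH contains BIT
# (4 = read, 1 = search/execute), chosen from owner, group or other bits.
has_bit() {
  user=$1; path=$2; bit=$3
  info=$(stat -c '%u %g %a' "$path" 2>/dev/null) || return 1   # uid gid octal-mode
  set -- $info
  uid=$(id -u "$user" 2>/dev/null) || uid=-1
  if [ "$1" = "$uid" ]; then
    digit=$(( ($3 / 100) % 10 ))                  # owner digit
  elif id -G "$user" 2>/dev/null | tr ' ' '\n' | grep -qx "$2"; then
    digit=$(( ($3 / 10) % 10 ))                   # group digit
  else
    digit=$(( $3 % 10 ))                          # other digit
  fi
  [ $(( digit & bit )) -ne 0 ]
}

# readable_by USER FILE -> 0 only if every parent directory is searchable
# and the file itself is readable by USER; explains the first failure on stderr.
readable_by() {
  user=$1; file=$2
  [ -f "$file" ] || { echo "missing: $file" >&2; return 1; }
  dir=$(dirname "$file")
  while [ "$dir" != "/" ] && [ "$dir" != "." ]; do
    has_bit "$user" "$dir" 1 || { echo "no search access for $user: $dir" >&2; return 1; }
    dir=$(dirname "$dir")
  done
  has_bit "$user" "$file" 4 || { echo "not readable by $user: $file" >&2; return 1; }
}

# check_tls_files CONF USER -> 0 if the cafile, certfile and keyfile named in
# CONF are all readable by USER; returns 1 after reporting every problem.
check_tls_files() {
  conf=$1; user=$2; rc=0
  for key in cafile certfile keyfile; do
    file=$(awk -v k="$key" '$1 == k { print $2 }' "$conf")
    [ -n "$file" ] || continue
    readable_by "$user" "$file" || rc=1
  done
  return $rc
}

# Typical use on the broker host (service user assumed to be "mosquitto"):
#   check_tls_files /etc/mosquitto/mosquitto.conf mosquitto
# Fix, as root, following the answer: move the files under /etc/mosquitto, then
#   chown -R mosquitto:mosquitto /etc/mosquitto/certs
#   chmod 0640 /etc/mosquitto/certs/*.key
```

After fixing ownership, running the broker in the foreground with `mosquitto -c /etc/mosquitto/mosquitto.conf -v` prints the exact file it cannot open, which journalctl's scrollback hid here.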
