Writting MQTT with SSL messages to Influxdb

Hi all,

My Mosquitto MQTT server is using SSL and I am not able to find any examples on how to write MQTT to Influxdb when you have a MQTT using SSL. Can someone please provide a full example?

This is the link to the conf file https://github.com/influxdata/telegraf/blob/2f8d0f4d4784f1ee217bce2c40c94b1dd78bd908/etc/telegraf.conf

Thank you.

It appears that you must have one of the ssl options set or the insecure_skip_verify must be true to enable SSL. I’ll open an issue on the issue tracker but in the meantime can you set insecure_skip_verify = true?

I will include a fix in the next patch release so you can specify the protocol in the servers URL. Keep an eye on this pull request for updates.

Hi Daniel,

Thank you for your reply. I am new to this, so I just want to make sure. Do I use the MQTT cert or the telegraf cert. I’ve added a sample below.

servers = [“mqtt domain name:8883”]
qos = 0
topics = [
“iotdevices/+/#”,
]
client_id = "deviceCollection"
username = "user"
password = "pass"
data_format = "value"
data_type = “int”

–which cert do I use?
ssl_ca = “/mqtt-ca.cert” or ssl_ca = "/telegraf-ca.crt"
insecure_skip_verify = true

Thank you.

It should switch over to using ssl just by having insecure_skip_verify = true set, this disables cert verification so I think there is no purpose to also setting the ssl_ca. To answer your question though, use mqtt-ca.cert, the ssl_ca is the certificate for the key that has signed the MQTT certificate.

Thank you for the explanation, I have followed your instruction but keep getting different errors every time I restart the Telegraf service or reboot. No changes was made to the file when restarting.

Each line is a different restart or reboot:
E! Error parsing /etc/telegraf/telegraf.conf, line 2515: field corresponding to servers' is not defined in*system.SystemStats’
E! Error parsing /etc/telegraf/telegraf.conf, line 2546: field corresponding to data_format' is not defined in*system.SystemStats’
E! Error parsing /etc/telegraf/telegraf.conf, line 2519: field corresponding to connection_timeout' is not defined in*system.SystemStats’
E! Error parsing /etc/telegraf/telegraf.conf, line 2517: field corresponding to qos' is not defined in*system.SystemStats’

Here are the settings from the Telegraf.conf file:

servers = “mqtt-domain-name:8883”
qos = 0
topics = “iotdevices/+/#”
client_id = "deviceCollection"
username = "user"
password = "pass"
data_format = "value"
data_type = “int”
ssl_ca = "/ect/ssl//mqtt-ca.crt"
insecure_skip_verify = true

The errors are very strange, any thoughts?

I think you might be missing the plugin table: [[inputs.mqtt_consumer]].

Ok, I see what I did wrong. I forgot to uncomment the plugin table, here is the working settings.

[[inputs.mqtt_consumer]]
servers = [“mqtt-domain-name:8883”]
qos = 0
topics = [“iotdevices/+/#”]
client_id = "deviceCollection"
username = "user"
password = "pass"
data_format = "value"
data_type = “int”
ssl_ca = "/ect/ssl//mqtt-ca.crt"
insecure_skip_verify = true

I checked the logs and it looks like it’s working. Thank you so much for you help Daniel.
One more question, is there a way to make the error logs a bit more specific?

Thank you again.

I’m working on rewriting the configuration system, I’ll see what if I can do to improve the error message here a bit.

Great! and thank you again for your help.