IBM Integration Bus, Version 10.0.0.9 Operating Systems: AIX, HP-Itanium, Linux, Solaris, Windows, z/OS


Securing MQTT connections

The connection between MQTT nodes in a message flow and the MQTT server can be encrypted by using SSL.

Before you can encrypt the connection to the MQTT server, you must complete the following tasks:
You can encrypt the connection between the MQTT server and a MQTTSubscribe or MQTTPublish message flow node by using one the following methods:
During development
Select the Use SSL check box in the MQTT message flow node properties, and set the appropriate port number. The default SSL port number is 8883.
During deployment
Set the connectionUrl property by using the mqsiapplybaroverride. The connectionUrl property must include, the protocol, the host name, and the port. For example:
mqsiapplybaroverride -b my.bar -k myApplication -m myFlow#MQTTPublish.connectionUrl=ssl://myMQTTserver.com:8883
    
To configure the connection so that SSL is not used, change the protocol to tcp. For example:
mqsiapplybaroverride -b my.bar -k myApplication -m myFlow#MQTTPublish.connectionUrl=tcp://myMQTTserver.com:1883
    
If set, the value of the connectionUrl property takes precedence over the values of the following MQTT message flow node properties:
  • Host name
  • Port
  • Use SSL
For more information about the mqsiapplybaroverride, see mqsiapplybaroverride command.
At run time
Set the connectionUrl local environment variable in the LocalEnvironment.Destination.MQTT.Output subtree; see Using local environment variables with MQTT nodes.

bc62030_.htm | Last updated 2017-07-17 12:46:23