my mosquitto mqtt broker is not working anymore, it just tries to connect every minute and all my mqtt devices (like window sensor) are not working anymore (they seem to be online but they do not trigger any rules anymore).
“Starting MQTT broker connection to ‘localhost’.” and “Try to restore connection to ‘localhost’”
Here is what I changed before that behaviour:
I changed from openHab 3.1.0 (no milestone) to 3.2.0 (milestone 3) because I had trouble with the amazon binding (which is now working again with the binding from the marketplace)
I activated “basic auth & implicit user role” in the openHab web interface settings and switched from “http” to “https” when accessing the web interface, because I had problems with switches not being able to have the “off” state
Any suggestions what I might try to do here?
I had similar issues over the last days (were not at home for quite a while) and found out that my z2mqtt service did not connect to the mqtt broker anymore (still on OH 3.1.0).
At the end I found out that it has something to do with my certs which mqtt suddenly rejects (specifically the key.pem file, with error message that the protocol is not supported (I get those certs out of pfSense ACME, they worked before just fine)).
Did not find a solution yet, had to turn of TLS/HTTPS which got it back working, but obviously without certs.
I updated my zigbee2mqtt from 1.14 to 1.21 (after reboot still was not connecting). Then, I disabled the “basic auth & implicit user role” (but still accessing the web interface with https, so my “no-off” switches are still working) and now I don’t have any problems with the broker anymore, no reconnects.
I am still running the mosquitto v1.57 since I only use the Raspbian repository, but since I know now of the caveats of version 2 I think I will try an upgrade sometime soon.
So both error messages are related and and created within the same if tree.
SSL_CTX_use_PrivateKey_file() is described to do ( see : SSL_CTX_use_PrivateKey_file() )
SSL_CTX_use_PrivateKey_file() adds the first private key found in file to ctx. The formatting type of the certificate must be specified from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1. SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in file to ctx. SSL_use_PrivateKey_file() adds the first private key found in file to ssl; SSL_use_RSAPrivateKey_file() adds the first private RSA key found to ssl.
I think you can use openssl to check if your keyfile is ( still ) ok.
One check would be to check the format ( PEM ) - not just that the extension is .pem and if openssl can open the file and e.g convert it into a different format.