Shelly Gen 2 connecting to MQTT over SSL

  • Hi All

    Has anyone had any success connecting a Shelly Gen2 device to MQTT over SSL - I know that you can do this in the underlying MongooseOS but can you do it in the base Shelly. I can see an option for user_ca but that's it - do I assume this is a bundle of CA + cert + key - if so - how do we create this?

    Ultimately I'd love to connect this to AWS IoT - but for now I would settle for an MQTT over SSL connection to my own broker.

    Any help much appreciated!

    Steve

  • but do not have a clue how to install the crt the ca and the key. Is there anyone who can help here?

    You'd only need the CA file. This can be uploaded via the web interface:

    Settings - user certificate - upload ca file.


    SSL support for outbound connections | Shelly Technical Documentation
    Custom CA PEM Bundle
    shelly-api-docs.shelly.cloud

    The certificate and private key are both files for the MQTT server side.

    >100 Shellies, including just about everything the manufacturer has produced. ;)
    :!: As a rule, I do not answer questions by private message :!:

  • Hi,

    Thanks for your quick response. But I am sorry, I am a little bit confused. I need the CSR file which I create for this specific client.

    To do so, I need the hostname (FQDN). Due to the fact that the actual hostname cannot be changed, I have to use the factory default name (e.g. shellyplus2pm-123456789YY).

    To create the certificate I have to use code like this, and I also have to sign it with my server CA.

    Code
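    # Create a CSR from the device's private key (the .key file must already exist)
    openssl req -new -out shellyplus2pm-123456789YY.csr -key shellyplus2pm-123456789YY.key

    # Sign the CSR with the CA to issue the device certificate, valid for 365 days
    openssl x509 -req -in shellyplus2pm-123456789YY.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out shellyplus2pm-123456789YY.crt -days 365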

    The key file is not used by the Shelly, correct?

    Thanks,

    Spartacus99

    Are there any updates on this topic? I tried with no result. I uploaded my own certificates with PutUserCA, PutTLSClientCert and PutTLSClientKey and restarted the Shelly after that. MQTT is enabled for sure, but I didn't get it connected.

    Did anyone have success with this? Can anyone show an example or something to follow?

    Thank you so much.
