question

jmq1961 avatar image
jmq1961 asked

Instructions for the Venus OS 3.20 MQTT fix

I made the MQTT working again as before.

Here a detailed setup i did.

Please read the file.Venus320MQTTOK.pdf

MQTT
venus320mqttok.pdf (103.9 KiB)
3 comments
2 |3000

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

lumik avatar image lumik commented ·

Hello, does this solution make the Victron MQTT password protected? I've tried following your guide (thanks), but it seems that FlashMQ ignores the username/password file. I have also added "allow_anonymous false" to the listener block, but without luck - I am still able to connect to SSL MQTT without any password.

My goal is to make the MQTT password protected, until this feature is made native in Venus.

Of course, I did reboot Cerbo to make the config changes effective.

I suspect that the FlashMQ in Venus does not include the auth plugin or simply ignores/overrides auth settings.

I am using v 3.40, and I am really into making it secure, until the official solution comes.

0 Likes 0 ·
mvader (Victron Energy) avatar image mvader (Victron Energy) ♦♦ lumik commented ·

Hey @lumik I expect us to have a beta version with a secured MQTT real soon. Ie. weeks.


Matthijs

0 Likes 0 ·
lumik avatar image lumik mvader (Victron Energy) ♦♦ commented ·

Sounds wonderful, thanks for update on this! I look forward to test it :)

0 Likes 0 ·
3 Answers
mvader (Victron Energy) avatar image
mvader (Victron Energy) answered ·

Hey @JMQ1961 what is this about? From what software or device are you trying to connect to MQTT?

With the software we use and tried it works fine.

2 |3000

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

jmq1961 avatar image
jmq1961 answered ·

I wrote this for a friend. He has no other MQTT server.

He uses OpenDTU for reading Out the Hoymiles inverter,

1708332754252.png

OpenDTU will not connect when no user is set.

Once connected with a User name and Password MQTT Data is send to flashmq.

1708333219322.png

Now Node-Red can read the incoming MQTT data

here is the Node-red Screenshot

1708332958255.png



1708332754252.png (58.3 KiB)
1708332958255.png (438.6 KiB)
1708333219322.png (124.5 KiB)
2 |3000

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

mvader (Victron Energy) avatar image
mvader (Victron Energy) answered ·

Hey again,

I think the problem your friend was having is the one described in our below text.

The solution in your PDF suggests modifying Venus OS, which is not easy to do and any changes made will be gone once another firmware update is installed.


Please check!


----


Finally, and this is the same issue (2) above that CeriW ran into: there is a difference between how Mosquitto and FlashMQ treat anonymous logins on MQTT. Mosquitto treated the specifications a bit loosely, and accepted an empty username. FlashMQ is more strict, and if during login the client says that there is a username, it also expects one. And if there is none, it refuses to connection.

On some clients and implementations that works fine; but - as clear now - there are also implementations on which that gives a problem. What you see then is that the software you're using is unable to connect.

And if you'd look in the logs on the GX device, you'd see this:

[ERROR] Unspecified or non-MQTT protocol error: Username flagged as present, but it's 0 bytes.. Removing client.

To work around this, configure a username and password in the MQTT software you are using. Then FlashMQ will accept the connection, even though there is no username or password required.

This workaround does *not* require you to login to the GX command line and make changes there.

2 |3000

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

Related Resources