Question

Installing mosquitto on 20.04

Posted February 21, 2021 1.9k views
Ubuntu 20.04

I want to install mosquitto on Ubuntu 20.04, but Digital Ocean only has a tutorial for doing this under 18.04. Is the proceedure the exact sme for 20.04? I’m asking because I couldn’t complete the install without running into an error when trying to restart mosquitto.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
2 answers

Hello @N4TTY ,

There should not be any major difference in the tutorial for Ubuntu 20.04 I recommend following https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-20-04 to setup Ubuntu 20.04 and then https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-the-mosquitto-mqtt-messaging-broker-on-ubuntu-18-04 to install Mosquitto.

Let us know if you are stuck at any point.

Cheers,
Lalitha

by Brian Boucheron
by Hanif Jetha
MQTT is a machine-to-machine messaging protocol, designed to provide lightweight publish/subscribe communication to "Internet of Things" devices. Mosquitto is a popular MQTT server (or broker, in MQTT parlance) that has great community support and is easy to install and configure. In this tutorial, we'll install Mosquitto, retrieve SSL certificates from Let's Encrypt, and set up our broker to use SSL to secure our password-protected MQTT communications.
  • I started completely over (dropped the droplet and created a new one) then went thru the tutorial on installing a LEMP stack. Everything worked perfectly. Then I tried installing an Encrypt Certificate Using DNS Validation with certbot-dns-digitalocean on Ubuntu 20.04. All that worked just fine up to the point that I tried the “sudo certbot renew –dry-run” process. At that point I got the results that are shown in the “code” snippet below. I have changed references to my domain to “xyzzy.”

    I haven’t even gotten to the “mosquitto” install yet!

    steveg@droplet02:~$ sudo certbot renew --dry-run
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Processing /etc/letsencrypt/renewal/xyzzy.com-0001.conf
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Cert not due for renewal, but simulating renewal for dry run
    Plugins selected: Authenticator dns-digitalocean, Installer None
    Renewing an existing certificate
    Performing the following challenges:
    dns-01 challenge for xyzzy.com
    Waiting 10 seconds for DNS changes to propagate
    Waiting for verification...
    Cleaning up challenges
    
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    new certificate deployed without reload, fullchain is
    /etc/letsencrypt/live/xyzzy.com-0001/fullchain.pem
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Processing /etc/letsencrypt/renewal/xyzzy.com.conf
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Cert not due for renewal, but simulating renewal for dry run
    Plugins selected: Authenticator dns-digitalocean, Installer None
    Renewing an existing certificate
    Performing the following challenges:
    dns-01 challenge for xyzzy.com
    Waiting 10 seconds for DNS changes to propagate
    Waiting for verification...
    Challenge failed for domain xyzzy.com
    dns-01 challenge for xyzzy.com
    Cleaning up challenges
    Attempting to renew cert (xyzzy.com) from /etc/letsencrypt/renewal/xyzzy.com.conf produced an unexpected error: Some challenges have failed.. Skipping.
    The following certs could not be renewed:
      /etc/letsencrypt/live/xyzzy.com/fullchain.pem (failure)
    
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ** DRY RUN: simulating 'certbot renew' close to cert expiry
    **          (The test certificates below have not been saved.)
    
    The following certs were successfully renewed:
      /etc/letsencrypt/live/xyzzy.com-0001/fullchain.pem (success)
    
    The following certs could not be renewed:
      /etc/letsencrypt/live/xyzzy.com/fullchain.pem (failure)
    ** DRY RUN: simulating 'certbot renew' close to cert expiry
    **          (The test certificates above have not been saved.)
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    1 renew failure(s), 0 parse failure(s)
    
    IMPORTANT NOTES:
     - The following errors were reported by the server:
    
       Domain: xyzzy.com
       Type:   unauthorized
       Detail: Incorrect TXT record
       "RnxQZrMwqoTzuqx-C2h8WCV1HkxnUFkAUPYaBxk6Oh8" found at
       _acme-challenge.xyzzy.com
    
       To fix these errors, please make sure that your domain name was
       entered correctly and the DNS A/AAAA record(s) for that domain
       contain(s) the right IP address.
    steveg@droplet02:~$
    

    And DNS seems to be OK as I can access the index.html and the todo_list.php that was used to test the PHP and MySQL installation just fine via my domain name!000

    • Hi,

      The log you provided says:

      Performing the following challenges:
      dns-01 challenge for xyzzy.com
      Waiting 10 seconds for DNS changes to propagate
      Waiting for verification...
      Challenge failed for domain xyzzy.com
      

      Waiting time for DNS changes propagation may be to short. What I can suggest is increasing it. Try to run following command:

      sudo certbot renew --dry-run --dns-digitalocean-propagation-seconds 30 
      

      Let us know if it helps, pls.

Hi,

Installation and configuration procedure described in tutorial for Ubuntu 18.04 is suitable for Ubuntu 20.04 as well. However, keep in mind that Mosquitto has evolved since the tutorial was published. There are some improvements/changes in its configuration. For example, since ver. 1.5 you can differentiate some settings per listener. I recommend taking a look at a manual of the version you are using by typing in your command line:

man mosquitto.conf

To troubleshoot the problem check Mosquitto’s log which (by default) is located due to configuration in /etc/mosquitto/mosquitto.conf

/etc/mosquitto/mosquitto.conf
...
log_dest file /var/log/mosquitto/mosquitto.log
...

Due to above settings, display last 100 lines of the log file:

sudo tail -100 /var/log/mosquitto/mosquitto.log

…and check what is going there.

As the error may be related to some mistake made in config file, I am giving a portion of my config for reference:

/etc/mosquitto/conf.d/default.conf
per_listener_settings false

allow_anonymous false
password_file /etc/mosquitto/passwd

listener 1883 localhost

listener 8883
cafile /etc/letsencrypt/live/mydomain.what/chain.pem
certfile /etc/letsencrypt/live/mydomain.what/cert.pem
keyfile /etc/letsencrypt/live/mydomain.what/privkey.pem

Let me know how it works, pls.