I have a domain, and I installed Certbot to generate certificates for my domain, and I succeeded.
I have an Ubuntu 20.04 machine with nginx and a docker-compose that contains a docker for Node-RED, Grafana, Influx and Mosquitto. Everything was working fine until I decided to secure my Mosquitto broker with a Let's Encrypt certificate. I got the error message "connection refused", and I have seen that my Mosquitto docker keeps restarting. For the Mosquitto conf file, I have added these lines:
Are your certificate files accessible from that broker container? If the file is located on the host machine, you need to allow that container to access it.
I thought that was the problem, so I copied the certificates to the folder of the Mosquitto container and changed /etc/letsencrypt/live/Mydomain.fr/cert.pem to /home/docker/docker-compose/data/mosquitto/certs/, and it didn't work.
P.S. If you say the docker keeps restarting, do you know what the error from that container is?
You can generally view the logs of a container with docker logs your_container_id or docker-compose logs your_container_id
I think this is the issue: you are only sharing ./data/mosquitto/. There's definitely a file reference to /etc/letsencrypt/.
Do you mind adding the line below to volumes and seeing what happens?
- /etc/letsencrypt/live/Mydomaine.com/:/etc/letsencrypt/live/Mydomaine.com/
Replace mydomaine.com with your real path reference.
P.S. IMO it might be better to have your host machine handle reverse proxy + SSL termination if possible (for small personal projects)... it's just easier.
Even though I changed etc/letsencrypt/live/Mydomaine.com/ in mosquitto.conf to home/docker/docker-compose/dol/data/mosquitto/, I still have the same problem:
1603203106: Error: Unable to load CA certificates. Check cafile "/home/docker/docker-compose/dol/data/mosquitto/certs/chain.pem".
1603203106: OpenSSL Error[0]: error:02FFF002:system library:func(4095):No such file or directory
1603203106: OpenSSL Error[1]: error:20FFF080:BIO routines:CRYPTO_internal:no such file
1603203106: OpenSSL Error[2]: error:0BFFF002:x509 certificate routines:CRYPTO_internal:system lib
When I added the line to the volumes, the logs are:
603203266: Config loaded from /mosquitto/config/mosquitto.conf.
1603203266: Opening ipv4 listen socket on port 1883.
1603203266: Opening ipv6 listen socket on port 1883.
1603203266: Error: Unable to load CA certificates. Check cafile "/etc/letsencrypt/live/Mydomin.com/chain.pem".
1603203266: OpenSSL Error[0]: error:02FFF002:system library:func(4095):No such file or directory
1603203266: OpenSSL Error[1]: error:20FFF080:BIO routines:CRYPTO_internal:no such file
1603203266: OpenSSL Error[2]: error:0BFFF002:x509 certificate routines:CRYPTO_internal:system lib
I think I have found a solution: copying the certificate to my Docker container. Now I have another problem: when I do mosquitto_pub I can see the data on my Node-RED, but if I inject data with Node-RED I can't receive it. It's a weird problem.
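
Certbot's live/<domain>/ directory holds relative symlinks into ../../archive/<domain>/, so a bind mount of only live/<domain>/ leaves them dangling inside the container, which is consistent with the "No such file or directory" log after the volume line was added. The script below is an added example, not code from this thread: it lists such links and stages dereferenced copies; the function names and the example.test tree are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not from the thread. Function names and paths are hypothetical.

# Build a throwaway tree shaped like certbot's: live/<name>/*.pem are relative
# symlinks into archive/<name>/. Constructed placeholder files, not real keys.
build_sample_tree() {
    local root=$1 name=$2 f
    mkdir -p "$root/archive/$name" "$root/live/$name"
    for f in cert chain privkey; do
        echo "constructed placeholder: $f" > "$root/archive/$name/${f}1.pem"
        ln -sf "../../archive/$name/${f}1.pem" "$root/live/$name/$f.pem"
    done
}

# Print each *.pem symlink in directory $1 whose target resolves outside $1.
# Those links dangle in a container that has only $1 bind-mounted.
links_escaping_dir() {
    local dir=$1 root link target
    root=$(cd "$dir" && pwd -P) || return 2
    for link in "$dir"/*.pem; do
        [ -L "$link" ] || continue
        target=$(readlink -f "$link")
        case "$target" in
            "$root"/*) ;;
            *) printf '%s -> %s\n' "$link" "$target" ;;
        esac
    done
}

# Copy the PEM files into $2 as regular files (cp -L follows the symlinks),
# so the directory can be bind-mounted on its own.
stage_certs() {
    local src=$1 dst=$2 f
    mkdir -p "$dst" || return 1
    for f in cert.pem chain.pem privkey.pem; do
        cp -L "$src/$f" "$dst/$f" || return 1
    done
    # Keep the key owner-only; the owner must be the user the broker reads it as.
    chmod 0600 "$dst/privkey.pem"
}

if [ "${1:-}" = "--demo" ]; then
    t=$(mktemp -d)
    build_sample_tree "$t" example.test
    links_escaping_dir "$t/live/example.test"   # lists all three links
    stage_certs "$t/live/example.test" "$t/certs"
    links_escaping_dir "$t/certs"               # prints nothing
    rm -rf "$t"
fi
```

Staged copies go stale when the certificate renews, so rerun stage_certs after each renewal (certbot's --deploy-hook is one place to do it) and restart or reload the broker.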