#mqtt #broker #iot #kafka #nats

bin+lib rumqttd

Distributed, embeddable mqtt broker library

17 releases (11 breaking)

0.11.0 Apr 21, 2022
0.10.0 Mar 3, 2022
0.9.0 Oct 30, 2021
0.7.0 Jun 9, 2021
0.0.1 May 15, 2020

#212 in Network programming

Download history 498/week @ 2022-01-24 244/week @ 2022-01-31 349/week @ 2022-02-07 359/week @ 2022-02-14 301/week @ 2022-02-21 280/week @ 2022-02-28 317/week @ 2022-03-07 374/week @ 2022-03-14 409/week @ 2022-03-21 285/week @ 2022-03-28 227/week @ 2022-04-04 197/week @ 2022-04-11 345/week @ 2022-04-18 382/week @ 2022-04-25 440/week @ 2022-05-02 255/week @ 2022-05-09

1,432 downloads per month
Used in 3 crates

Apache-2.0

195KB
5K SLoC

rumqttd

crates.io page docs.rs page

native-tls support

This crate, by default uses the tokio-rustls crate. There's also support for the tokio-native-tls crate. Add it to your Cargo.toml like so:

rumqttd = { version = "0.5", default-features = false, features = ["use-native-tls"] }

Then in your config file make sure that you use the pkcs12 entries under certs for your cert instead of cert_path, key_path, etc.

[rumqtt.servers.1]
port = 8883

[servers.1.cert]
pkcs12_path = "/root/identity.pfx"
pkcs12_pass = "<your password>"

Here's what a Rustls config looks like:

[servers.1]
port = 8883

[servers.1.cert]
cert_path = "tlsfiles/server.cert.pem"
key_path = "tlsfiles/server.key.pem"
ca_path = "tlsfiles/ca.cert.pem"

You can generate the .p12/.pfx file using openssl:

openssl pkcs12 -export -out identity.pfx -inkey ~/pki/private/test.key -in ~/pki/issued/test.crt -certfile ~/pki/ca.crt

Make sure if you use a password it matches the entry in pkcs12_pass. If no password, use an empty string "".

Dependencies

~12–23MB
~453K SLoC