Enabling mosquitto

Oct 1, 2025

Last Modified: Oct 8, 2025

mqtt mosquitto iot esp32 esp8266 cafile
1 min read

On this page

Installing

https://www.freshports.org/net/mosquitto

pkg update
pkg install mosquitto

Configuring local usage

In jail the mosquitto.conf file has the magic, but when trying to run the service we have

We edit the file /usr/local/etc/mosquitto/mosquitto.conf for basic safety

listener 1883
allow_anonymous false
password_file /usr/local/etc/mosquitto/passwd
mosquitto_passwd -c /usr/local/etc/mosquitto/passwd espuser (1)

1	You will be prompted for a password

Enabling startup

sysrc mosquitto_enable=YES

service mosquitto start

Starting mosquitto. 1759265215: Error: cafile specified without certfile and keyfile. /usr/local/etc/rc.d/mosquitto: WARNING: failed to start mosquitto

Error: cafile specified without certfile and keyfile.

It prevents us from being able to lift the mosquito service, because it requires TLS enabled, but for small local tests we can comment the following line:

grep -n cafile /usr/local/etc/mosquitto/mosquitto.conf

282:# cafile, certfile, keyfile, ciphers, and ciphers_tls13 options are supported.
354:# cafile and capath define methods of accessing the PEM encoded
357:# cafile defines the path to a file containing the CA certificates.
363:cafile /usr/local/share/certs/ca-root-nss.crt (1)
844:# Either bridge_cafile or bridge_capath must be defined to enable TLS support
846:# bridge_cafile defines the path to a file containing the
853:#bridge_cafile

1	We will comment on line 362.

➜  ~ service mosquitto restart

mosquitto not running? (check /var/run/mosquitto.pid).
Starting mosquitto.

➜  ~ sockstat -4 -l | grep 1883

nobody   mosquitto  17836 5  tcp4   *:1883                *:*