How to set up an MQTT Broker step by step
MQTT, or Message Queuing Telemetry Transport, is a machine-to-machine communication protocol that enables the exchange of messages and commands between devices securely and straightforwardly. It is a widely used standard protocol in machine communication, particularly in IoT (Internet of Things) applications. MQTT emerged in the 1990s as an alternative to HTTP, which, despite being globally popular, presented several issues regarding security and reliability.
In this blog, you’ll understand the MQTT protocol, how it works, and how to install it properly.
How communication works in the MQTT protocol
In MQTT, data is exchanged through a type of server known as a broker. All communication takes place via topics, which are the addresses to which messages are sent. Devices that send messages are called publishers, and they publish to these topics. Devices that want to receive messages subscribe to these addresses and are called subscribers.
So, whenever a device publishes a message to a topic, all those subscribed to that topic receive the message. The broker simply handles the connection between publishers and subscribers; it does not alter or store the data—it just forwards it.
This form of communication is simple, fast, and highly efficient, ideal for applications involving sensors, industrial automation, or IoT-connected devices.
Popular MQTT brokers include Mosquitto, EMQX, HiveMQ, and VerneMQ.
Prerequisites
Before configuring an MQTT broker, ensure the following prerequisites are met:
You need an environment with administrative access to the operating system (Linux, Windows, etc.) to install and configure the services. Additionally, the machine or server must have a stable network connection since the broker will manage communications between clients and devices.
For production environments, it’s recommended to have a minimum infrastructure with good processing power and memory, especially if the broker will handle a large number of simultaneous connections.
Step-by-step installation
With the prerequisites in hand, it’s time to start configuring the MQTT broker. In this guide, we will use Mosquitto, one of the most popular and widely adopted MQTT brokers in the market, as a practical example.
The process includes essential steps such as installing the broker, adjusting basic configuration (communication port, user authentication, and access permissions), as well as security settings using TLS/SSL encryption.
We will also show how to perform message publishing and subscribing tests to ensure the broker is working correctly.
Finally, we will cover how to monitor logs and track connection status to keep the operation safe and efficient.
On Linux (Ubuntu/Debian), open the terminal and run the following commands:
sudo apt update
sudo apt install mosquitto mosquitto-clients
On Windows, go to the official Mosquitto website (https://mosquitto.org/download/) and download the installer compatible with your operating system version. Follow the installation wizard instructions.
After installation, it is possible to adjust the main configuration file, usually located in /etc/mosquitto/mosquitto.conf (Linux) or in the installation folder (Windows).
The main adjustments include:
Communication port: The Default is 1883 for connections without TLS.
Creating users and passwords: To enable authentication, create a password file with the command:
Sudo mosquitto_passwd -c /etc/mosquitto/passwd user
Then, add the configuration to the .conf file:
allow_anonymous false
password_file /etc/mosquitto/passwd
Access Control (ACL): Defines who can publish or subscribe to specific topics.
For production environments, it is recommended to enable encrypted communication. This ensures that the transmitted data is not intercepted by third parties. For this, it is necessary to:
Generate a digital certificate (or obtain one from a certification authority);
Add the following lines to the mosquitto.conf file:
listener 8883
cafile /etc/mosquitto/certs/ca.crt
certfile /etc/mosquitto/certs/server.crt
keyfile /etc/mosquitto/certs/server.key
Port 8883 is the default for secure MQTT connections.
With the broker configured and running, you can test communication using MQTT clients:
To publish a message:
mosquitto_pub -h localhost -t “test/topic” -m “Hello, MQTT!”
Important
This test must be done on the same computer with two terminal instances open, since -h (host) is being used as localhost. That is, only the machine itself will be able to communicate with itself.
For other devices connected to the same network to communicate with the broker, the following code must be added to the “mosquitto.conf” file:
listener 1883
By including the code, the communication port will be opened so that any device with a valid IP on the network can connect to the broker. After that, run the following code in the terminal:
mosquitto -c “Path\to\mosquitto.conf” -v
You must specify the file path of mosquitto.conf to run with the made configurations.
Once this is done, the broker will run, and any device on the same network will be able to connect using the computer’s IP (as long as the port is not blocked by a firewall).
To subscribe to a topic:
mosquitto_sub -h localhost -t “test/topic”
If the configuration is correct, when publishing the message, it will immediately appear in the terminal of the client subscribed to the topic.
Finally, monitor the broker’s operation records to ensure everything is working correctly. On Linux, you can access the logs with:
tail -f/var/log/mosquitto/mosquitto.log
This practice helps identify connection problems, authentication errors, and the behavior of connected clients.
The importance of good configuration
The correct configuration of an MQTT broker is essential to ensure a secure, efficient, and stable data flow in industrial communication, IoT, and automation applications. As we have seen throughout this content, with a few steps it is possible to install and configure a broker like Mosquitto, enable authentication, apply encryption, and monitor connections practically.
By investing time in proper configuration and adopting good practices, such as access control and log monitoring, your operation will be prepared to support a large volume of messages and ensure the integrity and reliability of the transmitted information.
If your company works with continuous monitoring of temperature and humidity, sensor integration, or critical data communication, mastering MQTT and keeping a well-configured broker can make all the difference for the security and efficiency of your processes.
If you still have questions about the configurations, contact NOVUS support and find out how to implement a complete monitoring system integrated with your MQTT broker.