Skip to main content
Version: Mosquitto 2.6

Release Notes

We will never stop improving Eclipse Mosquitto. Stay up to date with our release notes.

If you have found any bugs or have feature requests, please submit these here.

Mosquitto MQTT Broker & MMC 2.6

Features

  • Client certificate authority management: The MMC is now able to store client certificate authorities and deploy them on all connected broker supporting the respective MQTT API endpoints. This allows the MMC to be the central unit around uploading and organizing client certificate authorities. This is the first step forward on supporting UI support for client certificate management. This feature will be further expanded in a future release.

  • Client Inspect: We have extended the client inspect plugin information. Now it is possible to check queue sizes (only important for QoS 1 & 2) and directly disconnect a client via the UI.

  • HA Cluster: Added new mode. The new Dynamic Security Synchronisation Cluster Mode provides a different type of HA cluster that synchronises the Dynamic Security authentication and authorisation settings throughout the cluster. Each node in the cluster is active and available for clients to connect to, but there is no inter-node MQTT communication.

Changes

  • General UI changes: The whole MMC has gotten a face-lift. All pages have been reworked to fit in the new UI.

  • Sidebar: The sidebar was rearranged to visually separate broker specific and global options. Broker specific pages can be found on the top and other are can be found at the bottom of the navigation bar.

  • Status Page: Is now called "Home" and went through a face-lift. A chart was added showing the currently connected clients and the maximum allowed client connections.

  • Breaking: Changed the "themes" structure in the config.json of the Management Center.

  • Bug Fixes

How to Upgrade

Configuration changes for version 2.6.0: docker-compose.yml:

  • Image reference for Mosquitto: "registry.cedalo.com/mosquitto/mosquitto:2.6"
  • Image reference for MMC: "registry.cedalo.com/mosquitto/management-center:2.6"
  • Additional MMC environment variables: CEDALO_MC_PROXY_CONFIG_CERTS: path-to-mmc-config-folder/certs.db mosquitt/config/mosquitto.conf:
  • plugin path-to-library-folder/cedalo_certificate_management.so

management-center/config/config.json:

  • Additional plugins: "cert-management" & "client-control"
  • Themes update

Migration from 2.5 to 2.6:

When migrating by replacing the 2.5 setup with a 2.6 setup the following steps need to be done:

  • Stop the current running 2.5 installation
  • Replace the following files from the current 2.5 setup in the new setup:
    • All files from the “config” folder in "management-center"
      • IMPORTANT: Before overwriting the 2.6 “config” folder make a copy of the existing “config.json” file. The “theme” and “plugins” parts from the new config.json need to be transferred to the old “config.json”. Some changes in this file are required in the new version. Using the old file and updating it, ensures that your current configurations are mirgated, while ensuring the configuration works.
    • The complete "data" folder from the "mosquitto" folder
  • Start new setup

Mosquitto MQTT Broker 2.0

Broker features:

  • New plugin interface which is more flexible, easier to develop for and easier to extend.

  • New dynamic security plugin, which allows clients, groups, and roles to be defined and updated as the broker is running.

  • Performance improvements, particularly for higher numbers of clients.

  • When running as root, if dropping privileges to the "mosquitto" user fails, then try "nobody" instead. This reduces the burden on users installing Mosquitto themselves.

  • Add support for Unix domain socket listeners.

  • Add bridge_outgoing_retain option, to allow outgoing messages from a bridge to have the retain bit completely disabled, which is useful when bridging to e.g. Amazon or Google.

  • Add support for MQTT v5 bridges to handle the "retain-available" property being false.

  • Allow MQTT v5.0 outgoing bridges to fall back to MQTT v3.1.1 if connecting to a v3.x only broker.

  • DLT logging is now configurable at runtime with log_dest dlt. Closes #1735.

  • Add mosquitto_plugin_publish() function, which can be used by plugins to publish messages.

  • Add mosquitto_client_protocol_version() function which can be used by plugins to determine which version of MQTT a client has connected with.

  • Add mosquitto_kick_client_by_clientid() and mosquitto_kick_client_by_username() functions, which can be used by plugins to disconnect clients.

  • Add support for handling $CONTROL/ topics in plugins.

  • Add support for PBKDF2-SHA512 password hashing.

  • Enabling certificate based TLS encryption is now through certfile and keyfile, not capath or cafile.

  • Added support for controlling UNSUBSCRIBE calls in v5 plugin ACL checks.

  • Add "deny" acl type. Closes #1611.

  • The broker now sends the receive-maximum property for MQTT v5 CONNACKs.

  • Add the bridge_max_packet_size option. Closes #265.

  • Add the bridge_bind_address option. Closes #1311.

  • TLS certificates for the server are now reloaded on SIGHUP.

  • Default for max_queued_messages has been changed to 1000.

  • Add ciphers_tls1.3 option, to allow setting TLS v1.3 ciphersuites. Closes #1825.

  • Bridges now obey MQTT v5 server-keepalive.

  • Add bridge support for the MQTT v5 maximum-qos property.

  • Log client port on new connections. Closes #1911.

Broker fixes:

  • Send DISCONNECT with malformed-packet reason code on invalid PUBLISH, SUBSCRIBE, and UNSUBSCRIBE packets.

  • Document that X509_free() must be called after using mosquitto_client_certificate(). Closes #1842.

  • Fix listener not being reassociated with client when reloading a persistence file and per_listener_settings true is set and the client did not set a username. Closes #1891.

  • Fix bridge sock not being removed from sock hash on error. Closes #1897. mosquitto_password now forbids the : character. Closes #1833.

  • Fix log_timestamp_format not applying to log_dest topic. Closes #1862.

  • Fix crash on Windows if loading a plugin fails. Closes #1866.

  • Fix file logging on Windows. Closes #1880.

  • Report an error if the config file is set to a directory. Closes #1814.

  • Fix bridges incorrectly setting Wills to manage remote notifications when notifications_local_only was set true. Closes #1902.