Skip to content

Mqtt Broker Wss

DodaTech 1 min read

In this tutorial, you'll learn about EMQX Websocket Secure WSS Not Working. We cover key concepts, practical examples, and best practices.

The Problem

WebSocket Secure (WSS) connections to EMQX fail in browser clients.

Quick Fix

Wrong

new WebSocket('wss://broker:8084/mqtt')  # Connection failed
WebSocket connection error — ERR_CONNECTION_REFUSED.
# 1. Enable WSS listener in emqx.conf:
# listeners.wss.default {
#   bind = '0.0.0.0:8084'
#   keyfile = '/etc/emqx/certs/key.pem'
#   certfile = '/etc/emqx/certs/cert.pem'
# }

# 2. JavaScript client
const client = mqtt.connect('wss://broker.example.com:8084/mqtt', {
  username: 'user',
  password: 'pass',
  rejectUnauthorized: false  // Self-signed certs
})

client.on('connect', () => console.log('Connected via WSS'))
Connected via WSS (browser WebSocket client).

Prevention

WSS path must be /mqtt. For self-signed certs, browsers show a warning. Use Let's Encrypt for production. Check CORS: EMQX Dashboard has CORS settings. For mixed content, use wss:// (not ws://) on HTTPS pages. Set ws_opts.mqtt_path if changing the path.

DodaTech engineers apply these same patterns across Doda Browser, DodaZIP, and Durga Antivirus Pro for production IoT reliability.

FAQ

### What is the default WSS path?

/mqtt — e.g., wss://broker:8084/mqtt. This sends the initial HTTP upgrade request.

Can I use plain WebSocket?

Yes. Port 8083 for ws://, 8084 for wss://. Plain WebSocket does not use TLS.

Does WSS support all MQTT features?

Yes. WSS is MQTT over WebSocket. All QoS levels, retain, and will messages work the same as TCP.

Built by the developers of DodaTech

Doda Browser, DodaZIP & Durga Antivirus Pro