MQTT Credentials Error

Hi All
I am trying to add a MQTT trigger credentials. When entering credentials, I get the following error (credentials are definitely correct).
Any help appreciated.

Hey @mbuk,

Looks like a fairly standard connection closed message which doesn’t help. Can you fill out the template so we can see how you have n8n running?

Yes, can fill in the template when I am back at my computer this evening. We run n8n on a digital ocean docker droplet. Was thinking maybe a firewall rule, but there’s no specific firewall restrictions set-up in DO

Here is the completed template this is the error i am getting when trying to connect to my mqtt instance:

What is the error message (if any)?

No testing function found for this credential.

Please share the workflow

It's just the MQTT Trigger module - nothing else. 

Share the output returned by the last node

This error is when trying to save the MQTT credentials

Information on your n8n setup

Version 0.204.0 on digital ocean docker install

Is mqtt in a container on the same host?

no, its an instance on

Is there anything on there that might be blocking the connection? I have tested on a local mqtt install I have and it was working so I assume this is going to be environmental. Could be network or config it is hard to say.

Thanks Jon - I will check with the cloudmqtt support guys

Could be worth setting up a local mqtt instance on the droplet first and seeing if that works then branching out.

Im not sure how to configure a local mqtt instance on the server. I also have an instance with HiveMQ and getting the same, so imagine it may well be something on the server but don’t really know what I’m looking for.

I will set up a CloudMQTT account tomorrow and see if I can connect to it. I take it you have checked the OS on the droplet and dockers network settings for anything odd?

Hi jon
I’ve checked what I can - can’t see anything obvious, but I’m not a server admin expert.

Hi jon
Quick update. IU’ve now managed to connect to the cloudmqtt instance after rechecking firewall rules and make some changes. I only seem to be able to do this though on port 18726. I don’t seem to be able to establish a connection using SSL.

Hey @mbuk,

That could do it, It looks like we support SSL in the node credentials so it could be a certificate issue if it is self signed or maybe some kind of protocol mismatch. What is the service expecting?

Hi Jon
CloudMQTT came back to me indicating it is certificate related. I’ve pasted what their response is below, I’m just not sure how to implement the certificate in the CA certificartes section of the mqtt trigger module?

I attempted to connect to your subscription using the mosquitto_sub and mosquitto_pub CLI, but in order to connect I had to specify the cafile explicitly. That seems unusual for our servers; but I haven’t yet been able to determine why the configuration is set up that way.

In any case, for now you also should be able to connect if you include the cafile in your handshake request. The cert can be downloaded from the link in our documentation here: Documentation - FAQ | CloudMQTT

Hey @mbuk,

In the nodes credentials if you toggle the SSL option at the bottom you should be able to paste the contents of the Certificate into the CA Certificates field. Normally though if a signed certificate is used this doesn’t tend to be needed unless the n8n instance is using an out of date cacerts lists.

Hi Jon
I’m being thick here, but what values from the certificate do we enter? There’s a load of information listed on the certificate.

Hey @mbuk,

The contents of the cert so something like the below might sort it.



I’ve added that and changed to protocol to mqtts and that now passes connection test:

But when I listen for events or enable the workflow, I get this error:

I did contact cloudmqtt support and their response was:
“It’s not clear to me what client code you are using for the MQTT connection request. It sure seems like it has not included the CA cert file.”

Hey @mbuk,

Yeah that looks like the certificate is not being trusted still, Looking at the code it looks to be set though. What happens if you toggle the ignore cert errors option?