Hi, In the course of testing Chirpstack 4 on a Raspberry (debian/ubuntu, no docker) I did the mosquitto TLS configuration according to the following documentation:
https://www.chirpstack.io/docs/guides/mosquitto-tls-configuration.html
This runs at first until a reboot of the server is performed, then I get the following error message:
chirpstack[692]: INFO chirpstack::integration::mqtt: Connecting to MQTT broker server_uri=tcp://localhost:1883/ client_id=xxx clean_session=false
chirpstack[692]: Error: Setup MQTT integration
chirpstack[692]: Caused by:
chirpstack[692]: 0: Connect to MQTT broker
chirpstack[692]: 1: [-1] TCP/TLS connect failure
systemd[1]: chirpstack.service: Main process exited, code=exited, status=1/FAILURE
systemd[1]: chirpstack.service: Failed with result 'exit-code'.
systemd[1]: chirpstack.service: Scheduled restart job, restart counter is at 5.
systemd[1]: Stopped ChirpStack open-source LoRaWAN Network Server.
systemd[1]: chirpstack.service: Start request repeated too quickly.
systemd[1]: chirpstack.service: Failed with result 'exit-code'.
systemd[1]: Failed to start ChirpStack open-source LoRaWAN Network Server.
I think maybe it is because of the permission settings? To get the ca.pem, cert.pem and key.pem from the Chirpstack web-interface under integration MQTT, I changed the ownership of the /etc/chirpstack/certs directory and files to the owner chirpstack. However, I am getting nowhere with the above error message.
I would be grateful for support, also how the ownership/permission assignment of the directories and files of /etc/chirpstack/certs and /etc/mosquitto/certs to be created must look, in order to achieve at the same time the best possible security.