Is there any way to use username&password to connect AWS IoT without ALPN tag?

0

In AWS IoT, by using a custom authorization policy, you can connect to IoT using mqtts:// with the ALPN tag 'mqtt', or using mqtts:// (WebSocket) to connect to IoT.

My question: is there any way to connect to IoT by mqtts:// (TLS, port 443) without setting the ALPN tag?

If there is no direct solution, what are some indirect approaches to address the issue of not being able to set the ALPN tag (or cert) and only being able to log in using a username and password?

If anyone is willing to share the solution, I would greatly appreciate it : )

1 Answer
1

Per my info, connecting to AWS IoT using mqtts:// (TLS, port 443) without setting the ALPN tag is not directly possible. The ALPN tag is crucial for the server to identify the protocol being used, and without it, the connection attempt will likely fail.

Maybe use port 8883 - This is the standard port for MQTT over TLS with client certificate authentication in AWS IoT. You can connect to your IoT endpoint using mqtts://<endpoint>.iot.<region>.amazonaws.com:8883 and provide your device certificate and private key during the connection process. I don't think the ALPN tag will be needed in that case.

If you need to use port 443 specifically, you can create a custom authorization policy that uses a Lambda function to validate the username and password. This approach requires more configuration but allows you to connect using username and password on port 443. Configure your MQTT client to connect to the endpoint using mqtts://<endpoint>.iot.<region>.amazonaws.com:443 and set the ALPN tag to "mqtt".

AWS
answered 2 years ago
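
The Lambda-based username/password check mentioned in the answer above, as an added example that is not part of the original answer and is not AWS's own code. It assumes the custom authorizer event carries the MQTT fields under `protocolData.mqtt` with a base64-encoded password; the credential store, region, account ID and the `devices/<username>/` topic layout are constructed placeholders.

```python
import base64
import hashlib
import hmac

REGION, ACCOUNT_ID = "us-east-1", "123456789012"  # placeholders, not real values
SALT = b"constructed-salt"                        # constructed sample data

def pw_hash(password: bytes, salt: bytes = SALT) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password, salt, 100_000)

# Constructed credential store: username -> PBKDF2 hash. A real deployment
# would load this from a secrets store, with a per-user salt.
USERS = {"device01": pw_hash(b"constructed-password")}
DUMMY = pw_hash(b"unused")  # compared against when the user is unknown
DENY = {"isAuthenticated": False}

def lambda_handler(event, context=None):
    mqtt = (event.get("protocolData") or {}).get("mqtt") or {}
    username = mqtt.get("username") or ""
    try:
        # AWS IoT passes the MQTT password to the authorizer base64-encoded.
        password = base64.b64decode(mqtt.get("password") or "", validate=True)
    except ValueError:
        return DENY
    # Always hash and compare in constant time, even for unknown users.
    expected = USERS.get(username, DUMMY)
    if not (hmac.compare_digest(pw_hash(password), expected) and username in USERS):
        return DENY
    arn = f"arn:aws:iot:{REGION}:{ACCOUNT_ID}"
    policy = {
        "Version": "2012-10-17",
        "Statement": [
            # The device may connect only with its username as client ID ...
            {"Effect": "Allow", "Action": "iot:Connect",
             "Resource": f"{arn}:client/{username}"},
            # ... and publish/receive only under its own topic prefix.
            {"Effect": "Allow", "Action": ["iot:Publish", "iot:Receive"],
             "Resource": f"{arn}:topic/devices/{username}/*"},
            {"Effect": "Allow", "Action": "iot:Subscribe",
             "Resource": f"{arn}:topicfilter/devices/{username}/*"},
        ],
    }
    return {"isAuthenticated": True, "principalId": username,
            "disconnectAfterInSeconds": 3600, "refreshAfterInSeconds": 300,
            "policyDocuments": [policy]}
```

Because the returned policy is scoped to the authenticated username, a leaked password exposes only that one device's client ID and topic prefix rather than the whole account.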