MQTT broker refuses connection from adapter

[walkjivefly]

I am keen to try this integration but have hit a problem right at the start. Quite possibly due to my newbie status with MQTT, but maybe not...

I tried reconfiguring the eSolar WiFi2 adapter (which my installer says is the only module supported on the H1 series inverters and which is the one they supplied) to talk to my local Mosquitto MQTT broker rather than the SAJ cloud service. The module does not immediately (or even at all) start using the reconfigured address. Rebooting the module from the menu, or unplugging and replugging it simply reverts the configured address to the SAJ cloud, so it seems "they've" locked it down somehow.

So I did some DNS poisoning instead and redirected the cloud address to my local MQTT broker. But the broker refuses the connection. Presumably the adapter doesn't use certificates or encryption since there is no mention of either in the README.md and the target port in the adapter configuration is 1883. I've tried configuring (and restarting) the broker to allow anonymous logins but regardless of how it's configured it refuses the connection from the adapter with

1691266278: Client <inverter serial no> disconnected, not authorised.
1691266293: New connection from 192.168.100.159:50720 on port 1883.

SAJ technical support email for .eu and .nl refuse my email messages, .com simply doesn't answer, and my installer doesn't answer technical questions so I can't easily find out what password it might be using.

Is there some way I can persuade the MQTT broker to accept the connection?

[paolosabatino]

Hello!

First of all, I never actually tried myself the "reconfiguration" of destination IP of the MQTT broker from the App so I don't know if they locked it down, or even if it ever worked. Some people on forums reports it worked, so I just reported it here.

I am using Mosquitto MQTT broker on a rather standard Debian Bookwork distribution. The configuration of the MQTT broker is very basic in my case. I have a file in /etc/mosquitto/conf.d/broker.conf with this content:

listener 1883 192.168.1.101
allow_anonymous true
#log_type all

Of course 192.168.1.101 is the IP address of the broker. I did not change anything about certificates or whatever, this kind of configuration should allow anonymous login or password login without any check, so keep it absolutely private.

Enabling the log_type row will produce a much more verbose log which could be very useful to you to debug possible issues.

[walkjivefly]

Thanks, I'll see if I can get any more info with the log_type all.

[walkjivefly]

I used wireshark to find out what the module is sending to SAJ;

• the inverter serial number is used as the Client ID
• the userid is asmodulename
• your password might be the same as mine

Mosquitto wouldn't accept it with allow_anonymous true. Reconfigured with allow_anonymous false and appropriate values in password.txt and the connection was allowed.