Telemetry: Support for the MQTT protocol over WebSockets

IBM® WebSphere® MQ 7.5.0, Fix Pack 1 and later supports the MQTT protocol over WebSockets. This enables it to be a server for clients using the MQTT messaging client for JavaScript.

A new communication protocol parameter (PROTOCOL) has been added to the MQTT channel definition (DEFINE CHANNEL (MQTT)):
  • If the parameter is set to MQTTV3, the channel only accepts connections from clients using Version 3 of the MQ Telemetry Transfer protocol. This was the only protocol supported before IBM WebSphere MQ 7.5.0, Fix Pack 1.
  • If the parameter is set to HTTP, the channel only accepts HTTP requests for pages, or WebSockets connections to IBM MQ Telemetry.
  • If the parameter is set to MQTTV3,HTTP, the channel accepts connections from clients using either protocol. This is the default behavior for new MQTT channels created with IBM WebSphere MQ 7.5.0, Fix Pack 1 and later versions.
When a client connects to an MQTT channel using SSL, the parameter SSLCAUTH determines whether IBM MQ requires a certificate from the client (see DEFINE CHANNEL (MQTT) ). Before IBM WebSphere MQ 7.5.0, Fix Pack 1, this parameter could be either REQUIRED or OPTIONAL for MQTT channels:
  • REQUIRED means that IBM MQ requests a certificate from the client and the client must supply a valid certificate.
  • OPTIONAL means that IBM MQ will request a certificate from the client but the client does not have to supply one. The client connection is allowed if the client supplies a valid certificate or if the client does not supply a certificate. The client connection is disallowed only if the client supplies an invalid certificate.

In IBM WebSphere MQ 7.5.0, Fix Pack 1 and later, the parameter SSLCAUTH can be set to NEVER for MQTT channels. NEVER means that IBM MQ never requests a certificate from the client. The new value was added as part of the support for clients using the MQTT messaging client for JavaScript. It accommodates the behavior of some web browsers which treat the request for a client certificate as a protocol error.