Merge pull request #1345 from gravitl/hotfix_v0.14.5_ssl_mq

added ssl to server conns to mq enp

main.go

@@ -168,7 +168,8 @@ func startControllers() {
 // Should we be using a context vice a waitgroup????????????
 func runMessageQueue(wg *sync.WaitGroup) {
 	defer wg.Done()
-	logger.Log(0, "connecting to mq broker at", servercfg.GetMessageQueueEndpoint())
+	brokerHost, secure := servercfg.GetMessageQueueEndpoint()
+	logger.Log(0, "connecting to mq broker at", brokerHost, "with TLS?", fmt.Sprintf("%v", secure))
 	var client = mq.SetupMQTT(false) // Set up the subscription listener
 	ctx, cancel := context.WithCancel(context.Background())
 	go mq.Keepalive(ctx)

mq/mq.go

@@ -24,10 +24,13 @@ var peer_force_send = 0
 // SetupMQTT creates a connection to broker and return client
 func SetupMQTT(publish bool) mqtt.Client {
 	opts := mqtt.NewClientOptions()
-	opts.AddBroker(servercfg.GetMessageQueueEndpoint())
+	broker, secure := servercfg.GetMessageQueueEndpoint()
+	opts.AddBroker(broker)
 	id := ncutils.MakeRandomString(23)
 	opts.ClientID = id
-	opts.SetTLSConfig(&serverctl.TlsConfig)
+	if secure {
+		opts.SetTLSConfig(&serverctl.TlsConfig)
+	}
 	opts.SetAutoReconnect(true)
 	opts.SetConnectRetry(true)
 	opts.SetConnectRetryInterval(time.Second << 2)

servercfg/serverconf.go

@@ -222,14 +222,15 @@ func GetMQPort() string {
 }
 
 // GetMessageQueueEndpoint - gets the message queue endpoint
-func GetMessageQueueEndpoint() string {
+func GetMessageQueueEndpoint() (string, bool) {
 	host, _ := GetPublicIP()
 	if os.Getenv("MQ_HOST") != "" {
 		host = os.Getenv("MQ_HOST")
 	} else if config.Config.Server.MQHOST != "" {
 		host = config.Config.Server.MQHOST
 	}
-	return host + ":" + GetMQServerPort()
+	secure := strings.Contains(host, "mqtts") || strings.Contains(host, "ssl")
+	return host + ":" + GetMQServerPort(), secure
 }
 
 // GetMasterKey - gets the configured master key of server