Outsystems Mobile IOT communication, self signed or no SSL Certificate


I'm trying to build an APP which should communicate with an MQTT device in an internal WIFI network. I use the MQTt mobile component from the forge for this which implements the JS Paho MQTT client.

 Therefore, I have to use either a non SSL connection or a self-signed certificates. Unfortunately, both currently doesn't work. I can only connect using outsystems now and a self signed encrypted SSL connection, and then only after answering a security alert. Is there any way to allow direct connections to IOT devices with Outsystems, therefore overriding some security features which are obsolete in internal WIFI networks?

The only approach that I found, that might work is implementing this Cordova Plugin to OS: https://github.com/hypery2k/cordova-certificate-plugin

However, not shure if it will work and if it is worth the effort?



Is the app in question being side-loaded? Or will it have to be submitted to an app store?

Trying to understand why a self-signed certificate won't work.

Why can you not use a normal SSL certificate, rather than self-signed?

It's also quite unusual to connect directly to a device, as the whole point of MQTT is to queue device messages on an MQTT server, so you are not connecting directly and synchronously with a device. If the device communicates via MQTT, then the device should be sending messages to an MQTT server queue, and your app should be reading those messages from the server queue.

Perhaps you could elaborate on the architecture you're using?

You are correct, I don't connect directly to the device. I do run a MQTT Server on a Raspberry Pi in my internal network. The device are triggered by the raspberry pi then, to which they are connected. As far as I know, it is not possible set up a normal certificate for an internal server, having an IP address like 

Currently I'm only testing the app on my own device. I can use it there in Outsystems Now, but I become some invalid certificate warnings.

I guess my question is that if you're currently only doing internal testing, are the warnings really an issue?

Is the end-goal that the MQTT server would be behind a public domain name? Or will it always be internal?