TCP/8883 — standard port for MQTT over TLS (encrypted). MQTT (Message Queuing Telemetry Transport) — pub/sub protocol for IoT: sensors → broker → apps. Plain MQTT = TCP/1883. 8883 adds TLS 1.2/1.3 + usually X.509 client certs (mutual TLS). Used by: AWS IoT Core, Azure IoT Hub, HiveMQ, Mosquitto.
Below: details, example, related, FAQ.
Free online tool — SSL certificate checker: instant results, no signup.
# mosquitto_pub with TLS
$ mosquitto_pub -h broker.example.com -p 8883 \
--cafile ca.crt --cert client.crt --key client.key \
-t sensor/temperature -m "23.5"
# Python paho-mqtt
import paho.mqtt.client as mqtt
c = mqtt.Client()
c.tls_set('ca.crt', 'client.crt', 'client.key')
c.connect('broker.example.com', 8883)
c.publish('sensor/temperature', '23.5')Port 8883 is specifically designated for MQTT over TLS, ensuring secure communication between devices in the Internet of Things (IoT) ecosystem. The use of TLS (Transport Layer Security) adds a robust layer of encryption, protecting data transmitted between MQTT clients and brokers.
When utilizing port 8883, two primary security features are implemented:
To configure MQTT clients for secure communication using port 8883, developers must ensure that their client libraries support TLS and that they have the necessary certificates available. Most popular MQTT client libraries, such as Paho and Eclipse Mosquitto, provide built-in support for TLS configurations.
Port 8883 is widely adopted in various IoT applications due to its secure communication capabilities. Below are several common use cases:
These use cases highlight the importance of choosing the right communication protocol and port for secure data transmission in IoT environments, with port 8883 being a preferred choice for many developers.
Setting up an MQTT client to communicate over port 8883 requires specific configurations to enable TLS. Below are practical examples for popular MQTT clients:
import paho.mqtt.client as mqtt
# Define the callback functions
def on_connect(client, userdata, flags, rc):
print('Connected with result code ' + str(rc))
client = mqtt.Client()
# Configure TLS
client.tls_set(ca_certs='path/to/ca.pem',
certfile='path/to/client_cert.pem',
keyfile='path/to/client_key.pem')
client.on_connect = on_connect
# Connect to the broker
client.connect('broker.example.com', 8883, 60)
# Start the loop
client.loop_forever() mosquitto_pub -h broker.example.com -p 8883 -t 'test/topic' -m 'Hello World' -v --cafile path/to/ca.pem --cert path/to/client_cert.pem --key path/to/client_key.pem In these examples, it's essential to replace path/to/ with the actual paths to your certificate files. The Paho MQTT client in Python demonstrates how to set up a secure connection programmatically, while the Mosquitto command-line tool shows how to publish a message securely using TLS.
MQTT: persistent connection, pub/sub, tiny header (~2 bytes). HTTP: simpler, RESTful, each request = handshake. Low-traffic, battery-powered IoT — MQTT.
5.0 adds enhanced auth, user properties, session expiry. Adoption: AWS IoT Core 2024, Mosquitto 2, HiveMQ 4+.
Production — yes, mutual TLS. Plain username/password breaks once device fleet hits 10k+.
Free plan — 10 monitors, checks every 5 min, no card required. Upgrade for 1-minute interval and multi-region monitoring.