SSL/TLS connection rejected by remote host

Hello @Velu ! Welcome to the Community.

OK, so there are a couple of things. First, you can’t use the #client-username username. That is for internal use (along with anything else you see starting with “#”). Use the default client-username, or make a new one.

From your CLI output, I’ll copy in the column headers as it makes it easier to explain:

Flags Legend:
TP - Transport
T+U - TCP and UDP
S - SSL (Y=Yes, N=No, -=not-applicable)
C - Compressed (Y=Yes, N=No, -=not-applicable)
R - Routing Ctrl (Y=Yes, N=No, -=not-applicable)
VRF - VRF (Mgmt=management, MsgBB=msg-backbone)
A - Admin State (U=Up, D=Down, -=not-applicable)
O - Oper State (U=Up, D=Down, -=not-applicable)

                                              Status
Service    TP  S C R VRF   MsgVpn          Port  A O Failed Reason
---------- --- ----- ----- --------------- ----- --- --------------------------
MQTT       WEB N - - Mgmt  Test             8000 D D Disabled at Vpn
  • the “N” means it is a non-SSL port, so you can’t connect using SSL
  • the “D D” means that the port is down as well, both configured and operational status
  • the reason is because it has been disabled at the VPN level
  • and I’m not sure why you’re trying to connect to port 8091 …?

So, if you want an SSL connection, you’ll probably want to connect to port 8883 (SSL) or 8443 (WSS)… but those are just for the default VPN. If you are connecting to another Message VPN, then you’ll have to figure out what ports are configured. E.g.:

show message-vpn <BLAH> service

Finally, you’ll need to ensure you see “U U” for admin and operational state. You’ll need to ensure you have copied a server certificate onto the broker so that it can support SSL connections (see “Managing Server Certificates”).

Good luck!
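The checks described in the reply above (S flag, admin state, oper state, failed reason) can be applied to every row of the service table at once. The following is an added example, not part of the original post or of any Solace tooling: the function names are hypothetical, it assumes whitespace-separated rows with every column populated, and all sample rows except the first (quoted from the post) are constructed.

```python
# Added example. First row is the one quoted in the post; the other two
# rows, including the text "constructed-reason", are constructed samples.
SAMPLE = """\
MQTT       WEB N - - Mgmt  Test             8000 D D Disabled at Vpn
MQTT       TCP Y - - MsgBB Test             8883 U U
MQTT       WEB Y - - MsgBB Test             8443 U D constructed-reason
"""

KEYS = ("service", "tp", "ssl", "compressed", "routing", "vrf",
        "msg_vpn", "port", "admin", "oper")

def parse_row(line):
    """Split one service row into named fields (assumes all columns present)."""
    parts = line.split(None, 10)   # 10 fixed columns + free-text reason
    if len(parts) < 10:
        raise ValueError(f"unexpected row: {line!r}")
    row = dict(zip(KEYS, parts))
    row["port"] = int(row["port"])
    row["reason"] = parts[10].strip() if len(parts) > 10 else ""
    return row

def tls_problems(row):
    """Return why a TLS client cannot use this port (empty list = usable)."""
    problems = []
    if row["ssl"] != "Y":          # S column: N means a plain-text port
        problems.append("not an SSL port")
    if row["admin"] != "U":        # A column: configured state
        problems.append("admin state down")
    if row["oper"] != "U":         # O column: actual state, with its reason
        suffix = f" ({row['reason']})" if row["reason"] else ""
        problems.append("oper state down" + suffix)
    return problems

def usable_tls_ports(text):
    """Ports that are SSL-enabled and show "U U" in the table."""
    rows = [parse_row(l) for l in text.splitlines() if l.strip()]
    return [r["port"] for r in rows if not tls_problems(r)]

if __name__ == "__main__":
    for line in SAMPLE.splitlines():
        r = parse_row(line)
        print(r["service"], r["port"], tls_problems(r) or "OK for TLS")
```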