From 338eeb2295c1a8344fae3012d9f3152b9ae5b65d Mon Sep 17 00:00:00 2001
From: Nick Horvath <nhorvath@gmail.com>
Date: Thu, 29 Mar 2018 03:23:31 -0400
Subject: [PATCH] Add instructions on running MQTT ssl/nonssl simultaneously
 (#5027)

* Add instructions on running MQTT ssl/nonssl simultaneously

I wanted to be able to recieve MQTT from my cell phone over SSL, but wanted local things that have limited RAM to be able to connect without the burden of SSL code.

* Tweaking

* Add comma
---
 source/_addons/mosquitto.markdown | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/source/_addons/mosquitto.markdown b/source/_addons/mosquitto.markdown
index de3df298949..f143d9ac34d 100644
--- a/source/_addons/mosquitto.markdown
+++ b/source/_addons/mosquitto.markdown
@@ -43,7 +43,7 @@ Configuration variables:
 
 ### {% linkable_title Home Assistant configuration %}
 
-To use the Mosquitto as [broker](/docs/mqtt/broker/#run-your-own) add the following entry to the `configuration.yaml` file.
+To use the Mosquitto as [broker](/docs/mqtt/broker/#run-your-own), add the following entry to the `configuration.yaml` file.
 
 ```yaml
 # Example configuration.yaml entry
@@ -59,3 +59,20 @@ mqtt:
   username: YOUR_USERNAME
   password: YOUR_PASSWORD
 ```
+
+### {% linkable_title Listening simultaneously on SSL/TLS (8883) and insecure (1883) ports %}
+
+1. Configure SSL/TLS as normal.
+2. Set `customize` flag to `true` in your configuration.
+3. Create a file in `/share/mosquitto` named `insecure.conf` with the following contents:
+
+```text
+listener 1883
+protocol mqtt
+```
+
+4. Restart MQTT
+
+<p class='note warning'>
+It's recommened that you only open your firewall to the SSL/TLS port (8883) and only use the insecure port (1883) for local devices.
+</p>