This article solves the problem of communication between CoAP protocol devices and external networks

CoAP protocol is an IoT protocol that supports communication between limited devices such as low power consumption and low power. These devices often run in restricted networks. Therefore, the CoAP protocol is designed to be very refined, and the UDP protocol is used for data transmission. transmission, so it can well adapt to the restricted network environment. CoAP operates on the abstract resources on the device in an M2M network composed of restricted devices in a manner similar to HTTP operation, so that synchronous and asynchronous information exchange between restricted devices can be realized very concisely and efficiently.

CoAP is a communication protocol designed for limited hardware and environments, and can work well in a limited network, but if the limited network needs to communicate with external networks, CoAP cannot adapt well. In addition, because the M2M network model is more considered in the design of CoAP, CoAP lacks support for the resource processing center (the CoAP-based LwM2M protocol specifically introduces concepts such as resource registration and resource service).

The above problems can be solved well by the EMQX message server. This article will introduce how to use EMQX to access the CoAP protocol and realize the communication between the CoAP protocol device and the outside.

EMQX CoAP protocol access method

For CoAP devices that need to communicate with the outside world, using EMQX as the message middleware can easily implement the following functions:

  • Authenticate devices and reject data from untrusted devices
  • Manage the rights of resources, you can specify different devices to have different read/write rights to a resource
  • Can be used as an information transmission center between CoAP devices in different networks
  • Can be used as other applications, such as CoAP management applications, data analysis applications and CoAP devices, access middleware between networks

EMQX provides two different CoAP access methods, covering most of the CoAP business scenarios, and the access is simple and well supported, and the CoAP protocol itself does not need to be changed. For the original CoAP devices and applications, the cost of accessing EMQX is also very small.

URL model

EMQX implements access to CoAP through URL path and queryString. When accessing CoAP, the URL model needs to be organized according to the following rules:

coap 连接类型://Host:Port/模式/TopicName?c=客户端Id&u=用户名&p=密码

where the coap connection type can be:

  • coap: use normal UDP for transmission
  • coaps: Enable the secure transport layer. For details on how to enable coaps (including one-way authentication and two-way authentication), see Encrypted Communication Configuration for details.

There are currently two modes : MQTT and PubSub . The specific differences will be described in detail below.

TopicName : Topic is used as the resource identifier in CoAP in EMQX, a Topic represents a resource object, and Topic can be any UTF8 string, allowing multiple levels, such as coap/, coap/test/queryString.

The three fields of c, u, and p in the URL are required, among which:

  • c stands for client ID, which is an arbitrary string. In theory, each client ID should be unique.
  • u and p respectively code the user name and password, which need to be pre-set in the authentication module of EMQ X

MQTT mode

MQTT mode escapes the CoAP Method according to the MQTT standard, and only has simple Pub/Sub behavior. The escape comparison table is as follows:

Method Token MQTT
GET 0 Subscribe
GET 1 UnSubscribe
GET _ illegal operation
PUT _ Publish
POST _ illegal operation
DELETE _ illegal operation

This mode is suitable for the following scenarios:

  • Only need to use EMQX for message, instruction or other real-time information transmission

  • If you need to use the Observe function for a long time, it is more important to be in a private network or an intranet, because UDP is connectionless, so the UDP link generated on the public network cannot be maintained for a long time, which will cause Observe to be possible . Unable to receive data normally

  • If it is on the public network, Observe can only be used as the result monitoring mechanism of the PUT operation. For example, if a CoAP device needs to send commands and data to other devices through EMQX, and perform subsequent processing according to the returned data, you can :

    1. Send a command to a topic using the PUT method
    2. Use Observe to monitor this Topic
    3. Processing according to the data returned by EMQX In view of the maintenance time of the UDP link in the public network, the Observe time is safe within 30s, and it is safe enough within 15s

PubSub mode

The PubSub mode is more complicated than the MQTT mode, but it is also more in line with the concept of "resources" in CoAP. All Publish messages will be stored in EMQX as "resources", and the timeout period is the max in the CoAP protocol. The -age optional field is controlled. Before the timeout, the message can be obtained through the GET method.

The escape relationship is as follows:

Method Token MQTT Resouce
GET 0 Subscribe _
GET 1 UnSubscribe _
GET _ _ Read the message corresponding to the topic
PUT _ Publish Update the message corresponding to the topic
POST _ Publish Update the message corresponding to the topic
DELETE _ _ Delete the message corresponding to the topic

This mode is equivalent to the extension of the above MQTT mode. In addition to the above applicable scenarios, it is also applicable to the following scenarios:

  • Scenarios that use EMQX as the exchange and aggregation center of data, information and other resources, such as CoAP devices monitoring the environment, can regularly PUT the data collected by themselves into EMQX, and the data processing center receives these data by subscribing to related topics, so as to Analyze the environmental conditions; for example, a CoAP device can push its own state to EMQX periodically, and users can directly observe the running state of the device through EMQX.
  • In a scenario where the frequency of message transmission is low and the latency tolerance is high, PUT can be used to update the message of a topic, and clients interested in the topic can obtain the latest update through GET at their own pace. messages, data, etc.

Configuration method

The configuration related to the CoAP protocol gateway of EMQX is in the emqx.conf file, which will be introduced in detail below.

Unencrypted Communication Scenario

When the data sensitivity is not high, or the transmission link is not required to ensure communication security, you can simply open the corresponding port for monitoring according to the business requirements.

For example, the following configuration listens on port 5683 on all available IPs, and listens on port 5684 on the LAN IP

coap.bind.udp.1 =
coap.bind.udp.2 =

Encrypted Communication Scenario

The CoAP protocol gateway of EMQX supports the DTLS security transport layer protocol, and can be configured with one-way/two-way authentication. The default configuration will automatically open one-way authentication.

One-way authentication

The configuration of one-way authentication is as follows. If you do not need to enable encrypted communication, you should comment out these configurations.

## DTLS 监听的端口, 配置方式和上面的udp模式一样,可用按照需要配置多个端口
coap.dtls.port1 = 5684
coap.dtls.port2 =

## DTLS 的私钥
## Value: File
coap.dtls.keyfile = {{ platform_etc_dir }}/certs/key.pem

## DTLS 的证书文件
## Value: File
coap.dtls.certfile = {{ platform_etc_dir }}/certs/cert.pem

Two-way authentication

The CoAP protocol gateway of EMQX also supports two-way authentication. The configuration is as follows:

## 验证模式, 可选值为: verify_peer | verify_none
coap.dtls.verify = verify_peer

## 客户端没有发送证书时是否拒绝连接
coap.dtls.fail_if_no_peer_cert = false

## pem格式的CA证书
coap.dtls.cacertfile = {{ platform_etc_dir }}/certs/cacert.pem

coap.dtls.verify is used to determine whether to enable two-way authentication. The optional values ​​are:

  • verify_peer verify client
  • verify_none does not verify the client

When mutual authentication is enabled, coap.dtls.fail_if_no_peer_cert is used to determine whether the server rejects the connection when the client does not send a certificate. coap.dtls.cacertfile is the CA certificate in pem format, which is used to authenticate the client. For mutual authentication, please refer to EMQX Enable Two-Way SSL/TLS Secure Connection .

Test and Validation

Enable CoAP protocol gateway

Open with Dashboard

In the plug-in directory in Dashboard, select emqx_coap and click to open, as shown in the figure:

EMQX CoAP plugin

open using terminal

The emqx_coap function can be enabled by using the following command in the terminal:

./bin/emqx_ctl plugins load emqx_coap

Install the CoAP test client

If the public IP is configured on the CoAP protocol gateway of EMQX, you can use the online website for testing. See the website description for specific usage.


libcoap is a library implemented in C language that fully supports all relevant standards of CoAP. It comes with a client application and is generally regarded as the standard verification client of CoAP.

On most Linux systems, it can be installed using the system's package manager, on macOS it can be installed using brew, other platforms may require manually compiling the source code.

The installed client is generally called: coap-client or libcoap.

Test PubSub Mode

The following demo uses libcoap, first publish a message to the server, and then read the latest news corresponding to the topic

# 使用 PubSub 模式,以 put 方法向 coap/test Topic 推送一条 json 格式的消息
coap-client -m put -e '#{msg => "Hello, CoAP"}' -t json "coap://"

# 读取 coap/test 这个 Topic 最后一条消息, 将会得到 #{msg => "Hello, CoAP"}
coap-client -m get  "coap://"

The following example demonstrates how to subscribe:

## 订阅 coap/observe 这个 topic, Token 设置为"token", 订阅超时为 60s
coap-client -m get -s 60 -B 30 -o - -T "token" "coap://"

## 使用另外一个 CoAP 客户端进行推送, 也可以使用其他任意的 MQTT 客户端
coap-client -m post -e '#{msg => "This is Observe"}' -t json "coap://"

## 这个时候订阅者将会收到:
## #{msg => "This is Observe"}

Test MQTT mode

The test of MQTT mode is the same as above, except that there are only two operations of publish/subscribe. Examples are as follows:

## publish
coap-client -m put -e '#{msg => "Hello, CoAP"}' -t json "coap://"

## subscribe
coap-client -m get -s 60 -B 60 -o - -T "token" "coap://"


So far, we have completed the complete process of CoAP protocol devices accessing EMQX, and realized the integration of CoAP protocol devices and MQTT protocol devices.

As a powerful open-source distributed cloud-native IoT message server, EMQX not only fully supports the MQTT protocol, but also supports CoAP and LwM2M protocols, providing convenience for the access of various terminal devices.

For the detailed use of EMQX, please refer to the EMQX Enterprise Edition documentation . You can also visit the EMQX GitHub project address: to follow the latest progress of the EMQX open source project.

Copyright statement: This article is original by EMQ, please indicate the source when reprinting.

Original link:


Guess you like