Struggling to connect via wss on port 8804

Using ngx-mqtt wiht Angular 14, I have no problem connecting via port 8803 over ws.

However, even after installing the SLL Certificate via the EMQX Broker Dashboard, I cannot connect via a secure websocket.
here’s my conn string:

return {
            hostname: 'xx.xx.87.182',
            port: 8084, 
            path: '/mqtt',
            clean: true, 
            connectTimeout: 4000,
            reconnectPeriod: 4000,
            clientId: 'BrowserTest1',
            username: 'myUser...',
            password: 'myPass...',
            protocol: 'wss',
            connectOnCreate: false,

I used the OpenSSL tool in Windows to generate certificate.pem, key.pem, and server.key.
I then manually copied/pasted the contents to the Cert Body and Cert Priv Key fields in your TLS/SLL CONFIG screen.

i.e. As per the example when you hover the fields in your UI, I copied the -----BEGIN/END CERTIFICATE----- section for the cert body, and also -----BEGIN/END PRIVATE KEY----- section for the private key.

Perhaps there’s additional data in those generated PEM files that I also should have included?

I also posted to StackOverflow: mqtt - Cannot to EMQX Cloud Broker via unsecure Web Sockets - secure ws works - Stack Overflow

In a browser environment, you should use a server certificate issued by a CA rather than a self-signed certificate. For details, please refer to: wss://url:8084/mqtt in node.js worked but in browser using webpack failed · Issue #741 · mqttjs/MQTT.js · GitHub. Then bind the domain to the broker’s IP. For details, please refer to: Ordinary Development Questions | EMQX Cloud Documentation.

Hi there,
I’m using ngx-mqtt, which is working fine in the browser via ws/8083. My only issue now is trying to connect to wss/8084 from the browser.
My ssl cert (CA signed) was imported successfully in the emqx dashboard, so I assume at this point I’m required to bind the IP to our Domain.
My only question is: is this binding thing a suggestion or a requirement ? I’m just trying to understand the details, and what else could possibly be the issue…

Good news. We binded our domain to your IP, and we were success in the wss secure connection.