Mosquitto 代理和 TLS 配置
我正在尝试使用TLS配置MQTT蚊子经纪人。 遵循《蚊子手册》后,我已经编辑了Mosquitto.conf作为Bellow的
# Place your local configuration in /etc/mosquitto/conf.d/
#
# A full description of the configuration file is at
# /usr/share/doc/mosquitto/examples/mosquitto.conf.example
pid_file /run/mosquitto/mosquitto.pid
persistence true
persistence_location /var/lib/mosquitto/
log_dest file /var/log/mosquitto/mosquitto.log
include_dir /etc/mosquitto/conf.d
listener 8883
cafile /home/openest/certs/ca/ca.crt
certfile /home/openest/certs/broker/broker.crt
keyfile /home/openest/certs/broker/broker.key
require_certificate true
问题,问题是当我重新启动蚊子经纪时,我会收到此错误,
Job for mosquitto.service failed because the control process exited with error code.
See "systemctl status mosquitto.service" and "journalctl -xe" for details.
这是我运行SytemCtl时的输出状态蚊子服务
● mosquitto.service - Mosquitto MQTT Broker
Loaded: loaded (/lib/systemd/system/mosquitto.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Mon 2022-04-11 15:25:56 CEST; 1min 22s ago
Docs: man:mosquitto.conf(5)
man:mosquitto(8)
Process: 2384 ExecStartPre=/bin/mkdir -m 740 -p /var/log/mosquitto (code=exited, status=0/SUCCESS)
Process: 2385 ExecStartPre=/bin/chown mosquitto /var/log/mosquitto (code=exited, status=0/SUCCESS)
Process: 2386 ExecStartPre=/bin/mkdir -m 740 -p /run/mosquitto (code=exited, status=0/SUCCESS)
Process: 2387 ExecStartPre=/bin/chown mosquitto /run/mosquitto (code=exited, status=0/SUCCESS)
Process: 2388 ExecStart=/usr/sbin/mosquitto -c /etc/mosquitto/mosquitto.conf (code=exited, status=1/FAILURE)
Main PID: 2388 (code=exited, status=1/FAILURE)
CPU: 6ms
这是journalctl -xe的输出,
░░ Support: https://www.debian.org/support
░░
░░ A start job for unit mosquitto.service has finished with a failure.
░░
░░ The job identifier is 4473 and the job result is failed.
Apr 12 10:15:12 debian systemd[1]: mosquitto.service: Scheduled restart job, restart counter is at 5.
░░ Subject: Automatic restarting of a unit has been scheduled
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ Automatic restarting of the unit mosquitto.service has been scheduled, as the result for
░░ the configured Restart= setting for the unit.
Apr 12 10:15:12 debian systemd[1]: Stopped Mosquitto MQTT Broker.
░░ Subject: A stop job for unit mosquitto.service has finished
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ A stop job for unit mosquitto.service has finished.
░░
░░ The job identifier is 4545 and the job result is done.
Apr 12 10:15:12 debian systemd[1]: mosquitto.service: Start request repeated too quickly.
Apr 12 10:15:12 debian systemd[1]: mosquitto.service: Failed with result 'exit-code'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ The unit mosquitto.service has entered the 'failed' state with result 'exit-code'.
Apr 12 10:15:12 debian systemd[1]: Failed to start Mosquitto MQTT Broker.
░░ Subject: A start job for unit mosquitto.service has failed
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ A start job for unit mosquitto.service has finished with a failure.
░░
░░ The job identifier is 4545 and the job result is failed.
Apr 12 10:15:22 debian sudo[3055]: chaima : TTY=pts/1 ; PWD=/home/chaima ; USER=root ; COMMAND=/usr/bin/journalctl -xe
Apr 12 10:15:22 debian sudo[3055]: pam_unix(sudo:session): session opened for user root(uid=0) by chaima(uid=1000)
我还通过运行在火墙中打开了端口8883
sudo ufw allow 8883
Rules updated
Rules updated (v6)
请注意, 对我如何解决此错误有任何了解,并提前感谢您。
I am trying to configure the MQTT Mosquitto broker with TLS.
After following the mosquitto manual, I've edited the mosquitto.conf as bellow
# Place your local configuration in /etc/mosquitto/conf.d/
#
# A full description of the configuration file is at
# /usr/share/doc/mosquitto/examples/mosquitto.conf.example
pid_file /run/mosquitto/mosquitto.pid
persistence true
persistence_location /var/lib/mosquitto/
log_dest file /var/log/mosquitto/mosquitto.log
include_dir /etc/mosquitto/conf.d
listener 8883
cafile /home/openest/certs/ca/ca.crt
certfile /home/openest/certs/broker/broker.crt
keyfile /home/openest/certs/broker/broker.key
require_certificate true
The problem is when I am restarting the mosquitto broker, I am getting this error
Job for mosquitto.service failed because the control process exited with error code.
See "systemctl status mosquitto.service" and "journalctl -xe" for details.
This is the output when I run systemctl status mosquitto.service
● mosquitto.service - Mosquitto MQTT Broker
Loaded: loaded (/lib/systemd/system/mosquitto.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Mon 2022-04-11 15:25:56 CEST; 1min 22s ago
Docs: man:mosquitto.conf(5)
man:mosquitto(8)
Process: 2384 ExecStartPre=/bin/mkdir -m 740 -p /var/log/mosquitto (code=exited, status=0/SUCCESS)
Process: 2385 ExecStartPre=/bin/chown mosquitto /var/log/mosquitto (code=exited, status=0/SUCCESS)
Process: 2386 ExecStartPre=/bin/mkdir -m 740 -p /run/mosquitto (code=exited, status=0/SUCCESS)
Process: 2387 ExecStartPre=/bin/chown mosquitto /run/mosquitto (code=exited, status=0/SUCCESS)
Process: 2388 ExecStart=/usr/sbin/mosquitto -c /etc/mosquitto/mosquitto.conf (code=exited, status=1/FAILURE)
Main PID: 2388 (code=exited, status=1/FAILURE)
CPU: 6ms
This is the output of journalctl -xe
░░ Support: https://www.debian.org/support
░░
░░ A start job for unit mosquitto.service has finished with a failure.
░░
░░ The job identifier is 4473 and the job result is failed.
Apr 12 10:15:12 debian systemd[1]: mosquitto.service: Scheduled restart job, restart counter is at 5.
░░ Subject: Automatic restarting of a unit has been scheduled
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ Automatic restarting of the unit mosquitto.service has been scheduled, as the result for
░░ the configured Restart= setting for the unit.
Apr 12 10:15:12 debian systemd[1]: Stopped Mosquitto MQTT Broker.
░░ Subject: A stop job for unit mosquitto.service has finished
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ A stop job for unit mosquitto.service has finished.
░░
░░ The job identifier is 4545 and the job result is done.
Apr 12 10:15:12 debian systemd[1]: mosquitto.service: Start request repeated too quickly.
Apr 12 10:15:12 debian systemd[1]: mosquitto.service: Failed with result 'exit-code'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ The unit mosquitto.service has entered the 'failed' state with result 'exit-code'.
Apr 12 10:15:12 debian systemd[1]: Failed to start Mosquitto MQTT Broker.
░░ Subject: A start job for unit mosquitto.service has failed
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ A start job for unit mosquitto.service has finished with a failure.
░░
░░ The job identifier is 4545 and the job result is failed.
Apr 12 10:15:22 debian sudo[3055]: chaima : TTY=pts/1 ; PWD=/home/chaima ; USER=root ; COMMAND=/usr/bin/journalctl -xe
Apr 12 10:15:22 debian sudo[3055]: pam_unix(sudo:session): session opened for user root(uid=0) by chaima(uid=1000)
Note that I've also opened up the port 8883 in the fire wall by running:
sudo ufw allow 8883
Rules updated
Rules updated (v6)
Do you have any idea about how I can fix this error please and thank you in advance.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
好的,我们没有从
sudo journalctl -xe中获得所需的东西(很可能是因为呈现不够的回滚以显示第一个故障)。最可能的原因是
Mosquitto用户无法访问您配置的证书/键。将这些文件移至
/etc/Mosquitto,并确保文件由Mosquitto用户拥有。OK, we are not getting what we need from the
sudo journalctl -xe(most likely because not enough scrollback has been presented to show the first failure).The most likely reason is that the
mosquittouser does not have access to the cert/keys you have configured.Move these files to
/etc/mosquittoand make sure the files are owned by themosquittouser.