TLS蚊子的身份验证
通过TLS,我对MQTT身份验证遇到了一些麻烦。 我获得了此信息来访问远程MQTT代理:
- 主机
- 端口(8883)
- 用户名
- 密码
,并且可以使用GUI客户端(例如Windows的MQTT.FX或MQTTX)轻松验证。在这些接口中,我只需要键入上面的数据,然后选择“带有CA签名服务器的SSL/TLS”。这样做,即使我最初没有证书或钥匙,一切都可以。
我正在尝试使用Mosquitto_sub从Linux CLI上订阅该经纪人的主题,但是我无法弄清楚我应该使用证书执行的操作顺序以像MQTTX一样进行身份验证。
我尝试生成新的证书并签名,我尝试下载服务器证书并将其作为five命名,但我并不是猜测操作的正确组合,因为我始终会遇到以下错误:
OpenSSL Error[0]: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
我的命令看起来像这样
mosquitto_sub -h mqtt.xxxxxxx.com -p 8883 -i example -V mqttv311 -t mytopic/# --capath /etc/mosquitto/certs -d
任何人可以帮助您请?
I am having some troubles with MQTT authentication via TLS.
I was given this information to access a remote MQTT broker:
- Host
- Port (8883)
- Username
- Password
and I can easily authenticate using GUI clients (like MQTT.FX or MQTTX for windows). In these interfaces, I just have to type the data above and choose "SSL/TLS with CA signed Server". Doing this, everything works even if I initially have no certificates or keys.
I am trying to subscribe to a topic on that broker from Linux CLI using mosquitto_sub, but I can't figure what sequence of operations I should do with certificates to authenticate like MQTTX does.
I tried generating a new certificate and signing it, I tried downloading server certificate and passing it as --cafile, but I am not guessing the right combination of actions, since I always get the following error:
OpenSSL Error[0]: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
My commands looks like this
mosquitto_sub -h mqtt.xxxxxxx.com -p 8883 -i example -V mqttv311 -t mytopic/# --capath /etc/mosquitto/certs -d
Can anyone help please?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论