使用C#在MQTT mosquitto中自签名的x509证书问题
[英]self signed x509 certificate issue in MQTT mosquitto using c#
问题描述
i am using mqtt library in c# and following this url. 
我在C#中使用mqtt库,并遵循此URL。 http://www.embedded101.com/Blogs/PaoloPatierno/entryid/366/mqtt-over-ssl-tls-with-the-m2mqtt-library-and-the-mosquitto-broker by implementing this url while i am connecting my client to localhost server following error occur:- http://www.embedded101.com/Blogs/PaoloPatierno/entryid/366/mqtt-over-ssl-tls-with-the-m2mqtt-library-and-the-mosquitto-broker ,当我连接我的网络时,通过实现此URL客户端到本地服务器发生以下错误:-
C:\Program Files\mosquitto>mosquitto -c mosquitto.conf -v
1438001198: mosquitto version 1.4 (build date 27/02/2015 21:01:03.50) starting
1438001198: Config loaded from mosquitto.conf.
1438001198: Opening ipv4 listen socket on port 8883.
Enter PEM pass phrase:
1438001224: New connection from 10.112.154.82 on port 8883.
1438001224: OpenSSL Error: error:140890C7:SSL routines:ssl3_get_client_certifica
te:peer did not return a certificate
1438001224: Socket error on client <unknown>, disconnecting.
My Code is:- 我的代码是:-
X509Certificate certificate = new X509Certificate(@"D:\POC\Abhinav\cert\cert\m2mqtt_ca.crt", "india@123");
MqttClient client = new MqttClient("10.112.154.82", 8883, true, new X509Certificate(certificate));
string clientId = new Guid("b0ca37b1-8a90-4a59-9665-fd8504357165").ToString();
client.Connect(clientId);
The Error: 错误:
c# Error:-{"A call to SSPI failed, see inner exception."}
can any one suggests me how to implement certificate in mqtt using mosquitto. 谁能建议我如何使用mosquitto在mqtt中实施证书。
3 个解决方案
解决方案1
0 2015-07-27 13:15:48
It seems that the mosquitto broker is waiting for a client certificate for client authentication. 似乎mosquitto代理正在等待用于客户端身份验证的客户端证书。 M2Mqtt supports only server authentication as described in the above article. 如上所述,M2Mqtt仅支持服务器身份验证。 Reading mosquitto documentation here : http://mosquitto.org/man/mosquitto-conf-5.html it seems that the "require_certificate" is set to true (require client certificate). 在此处阅读mosquitto文档: http ://mosquitto.org/man/mosquitto-conf-5.html似乎“ require_certificate”设置为true(需要客户端证书)。 You need to set it to false. 您需要将其设置为false。
Paolo. 保罗
解决方案2
0 2018-02-27 11:36:12
I know it is too late to answer but for anyone has faced similar problem. 我知道现在回答还为时已晚,但是对于任何人都遇到过类似的问题。 Solution: Install certificate in Local machine as Root Certificate and pass both certificate file parameter as null and set encryption to TLSV1.2 example : 解决方案: 在本地计算机上将证书作为根证书安装 ,并将两个证书文件参数都传递为null并将加密设置为TLSV1.2示例:
var client = new MqttClient(IPAddress.Parse(mqttBrokerHost), 8883, true,null, null, MqttSslProtocols.TLSv1_2);
解决方案3
0 2018-03-21 10:40:48
For client certificate you'll need to create a PFX file from your CA, Cert, and private key. 对于客户端证书,您需要根据您的CA,证书和私钥创建PFX文件。 Use openssl on the command line: 在命令行上使用openssl:
openssl pkcs12 -export -out <OutputName>.pfx -inkey client.key -in client.crt -certfile mosquitto.org.cer
Code C# to connect with M2MQTT: (OutputName in this example is client.pfx) 代码C#与M2MQTT连接:(此示例中的OutputName为client.pfx)
X509Certificate certRootCa = X509Certificate.CreateFromCertFile(Application.StartupPath + "/caRoot.crt");
X509Certificate2 certClient = new X509Certificate2(Application.StartupPath + "/client.pfx", "password");
MqttClient client = new MqttClient("10.112.154.82", 8883, true, certRootCa, certClient, MqttSslProtocols.TLSv1_2);
string clientId = new Guid("b0ca37b1-8a90-4a59-9665-fd8504357165").ToString();
client.Connect(clientId);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.