[英]mosquitto_sub with TLS enabled
I am new to MQTT and I have a frustrating problem. 我是MQTT的新手,但遇到一个令人沮丧的问题。
I have been using MQTT.fx to subscribe to a topic; 我一直在使用MQTT.fx订阅主题。 I have set the: 我已经设定了:
This works well, however I would like to use mosquitto_sub. 这很好,但是我想使用mosquitto_sub。 I am attempting to subscribe to the same topic in the following way: 我尝试通过以下方式订阅同一主题:
mosquitto_sub -h host -p 8883 -t topic -i client id
This is not working for me. 这对我不起作用。 I am using it on a Ubuntu VM. 我在Ubuntu VM上使用它。
My powers of observation tell me that I should enable TLS, however I'm not quite sure how to do that, I have stuffed around with certificates and enabling TLS in may ways but have not got the right combo. 我的观察力告诉我应该启用TLS,但是我不太确定该怎么做,我已经塞满了证书并以可能的方式启用了TLS,但没有正确的组合。 I know it is required as if I uncheck the SSL/TLS box in MQTT.fx I am unable to connect. 我知道这是必需的,就像我在无法连接的MQTT.fx中取消选中SSL / TLS框一样。
I would really like to replicate what I have in MQTT.fx with mosquitto. 我真的很想用mosquitto复制MQTT.fx中的内容。
In the mosquitto_sub command, use the --capath argument to point to /etc/ssl/certs. 在mosquitto_sub命令中,使用--capath参数指向/ etc / ssl / certs。 It needs a pointer to the trusted certificates. 它需要一个指向受信任证书的指针。
To enable SSL with mosquitto_sub you need to specify a CA certificate. 要使用mosquitto_sub启用SSL,您需要指定一个CA证书。
This can be done in 1 of 2 ways. 这可以通过2种方式之一来完成。
--cafile /path/to/a/file
where the file contains the required trusted CA certificate (either on it's own or part of a concatenated set) --cafile /path/to/a/file
,其中文件包含必需的受信任CA证书( --cafile /path/to/a/file
或为串联集的一部分) --capath /path/to/directory
where the directory contains a collection of files ending in .crt which contain the CA certificates to be trusted. --capath /path/to/directory
,其中目录包含以.crt结尾的文件的集合,这些文件包含要信任的CA证书。 The ca certs should also be indexed with the c_rehash function. 还应使用c_rehash函数对ca证书进行索引。 Both these options are mentioned in the mosquito_sub man page as ways to enabled SSL mosquito_sub 手册页中提到了这两个选项,作为启用SSL的方法
eg 例如
mosquitto_sub -h host -p 8883 --cafile ca.crt -t topic -i client id
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.