
paho-mqtt-python publish single with TLS ca_certs from server

I'm trying to connect to "mqtts://broker.emqx.io:8883" using paho mqtt but getting the invalid certificate error.

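    import ssl
    import paho.mqtt.client as mqtt
    import paho.mqtt.publish as publish

    payload = "test"  # placeholder; the question does not show the payload

    # Verify the broker against the CA certificates in certificate.pem
    tls = {'ca_certs': "certificate.pem", 'insecure': False, 'tls_version': ssl.PROTOCOL_TLS_CLIENT}
    publish.single(topic="testtopic", payload=payload, hostname="broker.emqx.io", auth={}, port=8883, tls=tls, protocol=mqtt.MQTTv311)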

I don't want it to be insecure and want to get the certificate from the server instead of providing a certificate file manually. It would be a great help if someone could guide me in the right direction.

The ca_certs file should not come from the server, it's supposed to contain the certs for the Certificate Authority chain that signed the certificate used by the broker.

So in this case it should hold [1] the certificate chain from:

  • Sectigo RSA Domain Validation Secure Server CA
  • USERTrust RSA Certification Authority
  • AAA Certificate Services

You need to provide the full chain or a file containing all the trusted public CA certs.

[1] found with openssl s_client, see here
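Added example, not part of the original question or answer: one way to take the answer's "file containing all the trusted public CA certs" option by using the operating system's trust store, with a handshake check that reports why a broker certificate is rejected. It assumes a paho-mqtt release whose `publish.single` accepts an `ssl.SSLContext` as `tls`; the helper names `build_tls_context`, `is_strict`, `probe` and `publish_verified` are hypothetical.

```python
import socket
import ssl


def build_tls_context(ca_file=None):
    """Verifying client context.

    ca_file=None trusts the operating system's CA store; a path trusts only
    the CA certificates in that PEM bundle (the chain the answer lists).
    """
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=ca_file)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def is_strict(ctx):
    """True only if the context checks both the chain and the hostname."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and ctx.check_hostname


def probe(hostname, port, ctx, timeout=10):
    """Handshake only. Returns None on success, else OpenSSL's reason string."""
    try:
        with socket.create_connection((hostname, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=hostname):
                return None
    except ssl.SSLCertVerificationError as exc:
        return exc.verify_message


def publish_verified(topic, payload, hostname, port=8883, ca_file=None):
    """Publish one message, refusing to run with verification weakened."""
    import paho.mqtt.publish as publish  # imported lazily; needs paho-mqtt installed

    ctx = build_tls_context(ca_file)
    if not is_strict(ctx):
        raise RuntimeError("TLS context does not verify chain and hostname")
    reason = probe(hostname, port, ctx)
    if reason is not None:
        raise RuntimeError(f"broker certificate rejected: {reason}")
    # Assumption: this paho-mqtt release accepts an SSLContext as `tls`.
    publish.single(topic, payload=payload, hostname=hostname, port=port, tls=ctx)


if __name__ == "__main__":
    # Hostname, port and topic are the ones from the question; payload is constructed.
    publish_verified("testtopic", "hello", "broker.emqx.io")
```

A probe result such as "unable to get local issuer certificate" means the trust file or store lacks the issuing CA chain, which is the situation the answer describes.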
