![](/img/trans.png)
[英]C# A call to SSPI failed, see inner exception - The Local Security Authority cannot be contacted
[英]A call to SSPI failed, see inner exception paho m2mqtt Dot.Net(c#) client SSL/TLS connection
我正在尝试通过SSL / TLS使用m2mqtt c#客户端版本4.3.0库与mosquitto代理连接。 下面是我尝试过的代码
static void Main(string[] args)
{
// create client instance
MqttClient client = new MqttClient(IPAddress.Parse("127.0.0.1"), 8883, true,
new X509Certificate2("C:\\Users\\hp\\Desktop\\certificate\\ca.crt"),
new X509Certificate2("C:\\Users\\hp\\Desktop\\certificate\\client.crt"),
MqttSslProtocols.TLSv1_2);
// register to message received
client.MqttMsgPublishReceived += client_MqttMsgPublishReceived;
string clientId = "pahoSubscriber2";
client.Connect(clientId);
// subscribe to the topic "hello" with QoS 0
client.Subscribe(new string[] { "hello" }, new byte[] { MqttMsgBase.QOS_LEVEL_AT_MOST_ONCE });
}
static void client_MqttMsgPublishReceived(object sender, MqttMsgPublishEventArgs e)
{
// handle message received
Console.WriteLine(e.Message);
}
但我得到了例外
调用SSPI失败,请参阅内部异常。
而内部异常说
收到的消息意外或格式错误
有关信息,我可以在没有SSL / TLS的情况下成功连接到代理。 也可以通过带有或不带有SSL / TLS的Paho Java客户端来与代理连接。 仅当我尝试通过SSL / TLS使用m2mqtt C#客户端库进行连接时,才会发生此异常。 任何帮助或示例实现都将适用。
终于找到了解决方案。 要在Dot.Net框架内使用SSL证书,我们需要同时提供证书及其对应的私钥。 为此,我们需要使用结合了这两个的p12(.pfx)文件。 在我的项目中,我使用了通过OpenSSL进行的自签名证书,因此我使用了以下命令来组合证书和私钥
pkcs12 -export -out ca.pfx -inkey ca.key -in ca.crt
pkcs12 -export -out client.pfx -inkey client.key -in client.crt
这将为每个证书创建p12(.pfx)文件。 然后我将它们用在我的代码中,如下所示
static void Main(string[] args)
{
// create client instance
MqttClient client = new MqttClient(IPAddress.Parse("127.0.0.1"), 8883, true,
new X509Certificate2("C:\\Users\\hp\\Desktop\\certificate\\ca.pfx"),
new X509Certificate2("C:\\Users\\hp\\Desktop\\certificate\\client.pfx"),
MqttSslProtocols.TLSv1_2);
// register to message received
client.MqttMsgPublishReceived += client_MqttMsgPublishReceived;
string clientId = "pahoSubscriber2";
client.Connect(clientId);
// subscribe to the topic "hello" with QoS 0
client.Subscribe(new string[] { "hello" }, new byte[] { MqttMsgBase.QOS_LEVEL_AT_MOST_ONCE });
}
static void client_MqttMsgPublishReceived(object sender, MqttMsgPublishEventArgs e)
{
// handle message received
Console.WriteLine(e.Message);
}
我遇到的关键是在本地计算机上安装证书作为根证书! 如果安装了“ ca.crt”文件,则可以将null值用作两个参数=> caCert和clientCert。 经过几个小时的混乱后,此链接对我有所帮助!
static void Main(string[] args){
// create client instance
MqttClient client = new MqttClient(IPAddress.Parse("127.0.0.1"), 8883, true, null, null, MqttSslProtocols.TLSv1_2);
// register to message received
client.MqttMsgPublishReceived += client_MqttMsgPublishReceived;
string clientId = "pahoSubscriber2";
client.Connect(clientId);
// subscribe to the topic "hello" with QoS 0
client.Subscribe(new string[] { "hello" }, new byte[] { MqttMsgBase.QOS_LEVEL_AT_MOST_ONCE });
}
static void client_MqttMsgPublishReceived(object sender, MqttMsgPublishEventArgs e)
{
// handle message received
Console.WriteLine(e.Message);
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.