[英]MQTTnet TLS 1.2 Encrypted Server
我正在尝试使用 MQTTnet 创建 TLS 1.2 加密的代理和客户端(假设在端口 2000 上)。 以下是我的尝试:
using MQTTnet;
using MQTTnet.Client;
using MQTTnet.Server;
using System.Security.Authentication;
MqttFactory factory = new MqttFactory();
MqttServerOptionsBuilder serverOptions = new MqttServerOptionsBuilder()
.WithEncryptedEndpoint()
.WithEncryptedEndpointPort(2000)
.WithEncryptionSslProtocol(SslProtocols.Tls12)
.WithoutDefaultEndpoint();
MqttServer mqttServer = factory.CreateMqttServer(serverOptions.Build());
mqttServer.StartAsync();
MqttClientOptionsBuilder clientOptions = new MqttClientOptionsBuilder()
.WithClientId("myClient")
.WithTcpServer("localhost", 2000)
.WithTls(new MqttClientOptionsBuilderTlsParameters()
{
UseTls = true,
SslProtocol = SslProtocols.Tls12,
CertificateValidationHandler = x => { return true; }
});
MQTTnet.Client.MqttClient mqttClient = factory.CreateMqttClient() as MQTTnet.Client.MqttClient;
while (!mqttClient.IsConnected)
{
mqttClient.ConnectAsync(clientOptions.Build()).GetAwaiter();
Thread.Sleep(1000);
}
Console.WriteLine("Connected");
Console.ReadLine();
我创建的客户端没有连接到代理。 我相信问题来自服务器端(如果不是两者),因为当我检查netstat
时,端口 2000 上没有任何连接。
我错过了什么?
这是对我有用的代码。 基本上在等待服务器并添加 X509 证书之后,服务器现在允许具有相同证书的客户端进行连接。
using MQTTnet;
using MQTTnet.Client;
using MQTTnet.Server;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
X509Store store = new X509Store(StoreLocation.CurrentUser);
X509Certificate2 certificate;
try
{
store.Open(OpenFlags.ReadOnly);
X509Certificate2Collection certCollection = store.Certificates;
X509Certificate2Collection currentCerts = certCollection.Find(X509FindType.FindByTimeValid, DateTime.Now, false);
certificate = currentCerts[0];
}
finally
{
store.Close();
}
MqttFactory factory = new MqttFactory();
MqttServerOptionsBuilder serverOptions = new MqttServerOptionsBuilder()
.WithEncryptedEndpoint()
.WithEncryptedEndpointPort(2000)
.WithEncryptionCertificate(certificate)
.WithRemoteCertificateValidationCallback( (obj, cert, chain, ssl) => { return true; } )
.WithEncryptionSslProtocol(SslProtocols.Tls12)
.WithoutDefaultEndpoint();
MqttServer mqttServer = factory.CreateMqttServer(serverOptions.Build());
await mqttServer.StartAsync();
MqttClientOptionsBuilder clientOptions = new MqttClientOptionsBuilder()
.WithClientId("myClient")
.WithTcpServer("localhost", 2000)
.WithTls(new MqttClientOptionsBuilderTlsParameters()
{
UseTls = true,
SslProtocol = SslProtocols.Tls12,
CertificateValidationHandler = x => { return true; }
});
MQTTnet.Client.MqttClient mqttClient = factory.CreateMqttClient() as MQTTnet.Client.MqttClient;
while (!mqttClient.IsConnected)
{
mqttClient.ConnectAsync(clientOptions.Build()).GetAwaiter();
Thread.Sleep(1000);
}
Console.WriteLine("Connected");
Console.ReadLine();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.