MQTTnet TLS 1.2 加密服务器
[英]MQTTnet TLS 1.2 Encrypted Server
问题描述
我正在尝试使用 MQTTnet 创建 TLS 1.2 加密的代理和客户端(假设在端口 2000 上)。 以下是我的尝试:
using MQTTnet;
using MQTTnet.Client;
using MQTTnet.Server;
using System.Security.Authentication;
MqttFactory factory = new MqttFactory();
MqttServerOptionsBuilder serverOptions = new MqttServerOptionsBuilder()
.WithEncryptedEndpoint()
.WithEncryptedEndpointPort(2000)
.WithEncryptionSslProtocol(SslProtocols.Tls12)
.WithoutDefaultEndpoint();
MqttServer mqttServer = factory.CreateMqttServer(serverOptions.Build());
mqttServer.StartAsync();
MqttClientOptionsBuilder clientOptions = new MqttClientOptionsBuilder()
.WithClientId("myClient")
.WithTcpServer("localhost", 2000)
.WithTls(new MqttClientOptionsBuilderTlsParameters()
{
UseTls = true,
SslProtocol = SslProtocols.Tls12,
CertificateValidationHandler = x => { return true; }
});
MQTTnet.Client.MqttClient mqttClient = factory.CreateMqttClient() as MQTTnet.Client.MqttClient;
while (!mqttClient.IsConnected)
{
mqttClient.ConnectAsync(clientOptions.Build()).GetAwaiter();
Thread.Sleep(1000);
}
Console.WriteLine("Connected");
Console.ReadLine();
我创建的客户端没有连接到代理。 我相信问题来自服务器端(如果不是两者),因为当我检查netstat时,端口 2000 上没有任何连接。
我错过了什么?
1 个解决方案
解决方案1
0 2022-08-22 16:47:32
这是对我有用的代码。 基本上在等待服务器并添加 X509 证书之后,服务器现在允许具有相同证书的客户端进行连接。
using MQTTnet;
using MQTTnet.Client;
using MQTTnet.Server;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
X509Store store = new X509Store(StoreLocation.CurrentUser);
X509Certificate2 certificate;
try
{
store.Open(OpenFlags.ReadOnly);
X509Certificate2Collection certCollection = store.Certificates;
X509Certificate2Collection currentCerts = certCollection.Find(X509FindType.FindByTimeValid, DateTime.Now, false);
certificate = currentCerts[0];
}
finally
{
store.Close();
}
MqttFactory factory = new MqttFactory();
MqttServerOptionsBuilder serverOptions = new MqttServerOptionsBuilder()
.WithEncryptedEndpoint()
.WithEncryptedEndpointPort(2000)
.WithEncryptionCertificate(certificate)
.WithRemoteCertificateValidationCallback( (obj, cert, chain, ssl) => { return true; } )
.WithEncryptionSslProtocol(SslProtocols.Tls12)
.WithoutDefaultEndpoint();
MqttServer mqttServer = factory.CreateMqttServer(serverOptions.Build());
await mqttServer.StartAsync();
MqttClientOptionsBuilder clientOptions = new MqttClientOptionsBuilder()
.WithClientId("myClient")
.WithTcpServer("localhost", 2000)
.WithTls(new MqttClientOptionsBuilderTlsParameters()
{
UseTls = true,
SslProtocol = SslProtocols.Tls12,
CertificateValidationHandler = x => { return true; }
});
MQTTnet.Client.MqttClient mqttClient = factory.CreateMqttClient() as MQTTnet.Client.MqttClient;
while (!mqttClient.IsConnected)
{
mqttClient.ConnectAsync(clientOptions.Build()).GetAwaiter();
Thread.Sleep(1000);
}
Console.WriteLine("Connected");
Console.ReadLine();
如何使用 .NET 中的 1.2 TLS 版本获得 EWS 服务器的身份验证
[英]How to use 1.2 TLS version in .NET for getting authenticated to EWS Server
WebRequest针对Windows Server 2008 R2的TLS 1.2进行故障转移
[英]WebRequest fails over TLS 1.2 for Windows Server 2008 R2
需要在服务器环境中启用 TLS1.2 并禁用 TLS1.0 & 1.1
[英]Need to enable TLS1.2 in server environment and disable TLS1.0 & 1.1
C# 无法在 Windows 7/Windows Server 上使用 TLS1.2 创建 ssl/tls 安全通道
[英]C# Could not create ssl/tls secure channel on Windows 7/Windows Server, using TLS1.2
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
SQL 服务器 TLS 1.2 通信真的加密了吗?
服务器未使用TLS 1.2响应WebClient
使用TLS 1.2将客户端连接到TCP服务器
如何使用 .NET 中的 1.2 TLS 版本获得 EWS 服务器的身份验证
WebRequest针对Windows Server 2008 R2的TLS 1.2进行故障转移
需要在服务器环境中启用 TLS1.2 并禁用 TLS1.0 & 1.1
C# 无法在 Windows 7/Windows Server 上使用 TLS1.2 创建 ssl/tls 安全通道
MQTTnet客户端无法连接服务器证书
将MQTTNet Server与MQTT.js客户端一起使用
MQTTnet 将服务器连接到非本地端点
相关标签