使用TLS将M2Mqtt.MqttClient连接到Mosquitto代理时获取AuthenticationException [英] Getting AuthenticationException when connect M2Mqtt.MqttClient to Mosquitto broker with TLS
问题描述
我是MQTT协议的新手.当我搜索MQTT服务器时,我发现Mosquitto经纪人是最常用的经纪人之一,因此我开始使用它.我必须在C#/.NET上开发MQTT客户端,我只找到M2Mqtt项目,并且此
I am new with MQTT protocol. When I searched for an MQTT server I found that Mosquitto broker is one of the most used one and therefore I have started using it. I have to develop an MQTT client on C#/.NET and I found only the M2Mqtt project and this C# MQTT client example.
I managed to install Mosquitto broker on Windows 10 and change the access control list using topics. Using MqttClient
I am able to connect to the broker with an username, subscribe to topics and publish them with the following code.
连接:
byte result = this.mqttClient.Connect(Guid.NewGuid().ToString(), username, string.Empty);
订阅:
this.mqttClient.Subscribe(new string[] { topic }, new byte[] { 2 });
发布:
ushort result = this.mqttClient.Publish(topic, message, MqttMsgBase.QOS_LEVEL_EXACTLY_ONCE, true);
现在,我想在通信中增加安全性.我遵循了这些创建CA的步骤证书,服务器密钥和服务器证书(我两次创建了证书).我按照链接中的说明更改了mosquito.conf
文件:
Now I want to add security in communications. I followed these steps to create the CA certificate, the server key and server certificate (I created the certificates twice). I changed the mosquito.conf
file as explained in the link:
port 8883
cafile C:\mosquitto\certs\ca.crt
certfile C:\mosquitto\certs\server.crt
keyfile C:\mosquitto\certs\server.key
I don't know if it is necessary, but I added the ca.crt
to the Trusted Root Certificates following these steps.
我将客户端更改为在连接中使用CA证书:
I changed the client to use the CA certificate in the connection:
//this.mqttClient = new MqttClient(brokerAddress);
X509Certificate caCertificate = new X509Certificate("ca.crt");
this.mqttClient = new MqttClient(brokerAddress, 8883, true, caCertificate, null, MqttSslProtocols.TLSv1_0);
ca.crt
文件的副本位于.exe
文件的同一文件夹中.当我运行应用程序时,我总是会遇到相同的异常:
A copy of the ca.crt
file is in the same folder of the .exe
file. When I run the application I always get the same exception:
-
uPLibrary.Networking.M2Mqtt.Exceptions.MqttConnectionException
:连接到代理的异常 - [内部异常]
System.Security.Authentication.AuthenticationException
:根据验证过程,远程证书无效.
uPLibrary.Networking.M2Mqtt.Exceptions.MqttConnectionException
: Exception connecting to the broker- [Inner exception]
System.Security.Authentication.AuthenticationException
: The remote certificate is invalid according to the validation procedure.
你知道我是否想念什么吗?
Do you know if I am missing something?
推荐答案
设法使其正常运行. 我没有使用ca.crt,而是将证书导出到ca.pfx,而是在客户端计算机的受信任的根证书颁发机构"缓存中安装了.pfx证书.
managed to get this working. Instead of using a ca.crt I exported the certificate to a ca.pfx, installed the .pfx certificate in the client computer's Trusted Root Certification Authorities cache.
要安装,只需右键单击该文件,选择本地计算机",然后根据需要完成提示.选择本地计算机并选择适当的证书存储区(受信任的根证书颁发机构")至关重要.
To install, Simply right click on the file, choose Local machine, and complete prompts as required. Critical to select local machine and select the proper certificate store ("Trusted Root Certification Authorities").
这篇关于使用TLS将M2Mqtt.MqttClient连接到Mosquitto代理时获取AuthenticationException的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!