Ssl 客户端上的MOSQUITO docker套接字错误<;未知>;,断开
我已经在docker上安装了mosquitto(raspberry pi 4),使用证书来保护连接。我没有在mosquitto中配置用户名和密码。 我正在使用此代码将我的wemos d1 mini连接到具有pubsubclient的MOSQUITO 我不使用secrets.h文件,但我以前尝试过,结果相同 插入凭据、mqtt data和ca.crt后,我获得以下串行输出:Ssl 客户端上的MOSQUITO docker套接字错误<;未知>;,断开,ssl,esp8266,mosquitto,Ssl,Esp8266,Mosquitto,我已经在docker上安装了mosquitto(raspberry pi 4),使用证书来保护连接。我没有在mosquitto中配置用户名和密码。 我正在使用此代码将我的wemos d1 mini连接到具有pubsubclient的MOSQUITO 我不使用secrets.h文件,但我以前尝试过,结果相同 插入凭据、mqtt data和ca.crt后,我获得以下串行输出: Attempting to connect to SSID: MYSSID ... connected! Setting
Attempting to connect to SSID: MYSSID ... connected!
Setting time using SNTP.done!
Current time: Wed Feb 19 13:53:17 2020 Time: Wed Feb 19 13:53:17 2020
MQTT connecting ... failed, status code =-2. Try again in 5 seconds.
MQTT connecting ... failed, status code =-2. Try again in 5 seconds.
MQTT connecting ... failed, status code =-2. Try again in 5 seconds.
1582138400: New connection from 192.168.0.8 on port 8883.
1582138405: Socket error on client <unknown>, disconnecting.
1582138405: New connection from 192.168.0.8 on port 8883.
1582138413: New connection from 192.168.0.8 on port 8883.
1582138418: Socket error on client <unknown>, disconnecting.
1582138418: New connection from 192.168.0.8 on port 8883.
1582138424: Socket error on client <unknown>, disconnecting.
1582138424: New connection from 192.168.0.8 on port 8883.
1582138429: Socket error on client <unknown>, disconnecting.
1582138429: New connection from 192.168.0.8 on port 8883.
1582138434: Socket error on client <unknown>, disconnecting.
1582138435: New connection from 192.168.0.8 on port 8883.
1582138440: Socket error on client <unknown>, disconnecting.
1582138440: New connection from 192.168.0.8 on port 8883.
1582138443: Client <unknown> has exceeded timeout, disconnecting.
我也用用户名和密码试过了,结果一样 我的mosquitcho.conf文件现在如下所示:
allow_anonymous false
password_file /mosquitto/data/passwordfile.txt
port 8883
cafile /ca.crt
keyfile /server.key
certfile /server.crt
tls_version tlsv1.2
persistence false
persistence_location /mosquitto/data/
log_type all
//Simple boolean to indicate first startup loop
bool startup = false;
// Define Your Settings
const char* ssid = "";
const char* password = "";
const char* mqtt_server = "";
const char* mqtt_username = "";
const char* mqtt_password = "";
const char* mqtt_clientname = "";
const int mqtt_port = 8883;
//Replace with you issuing certificate authority Base64 format
//This is also known as the "intermediate" authority that issued
//your certificate (client.crt)
static const char digicert[] PROGMEM = R"EOF(
-----BEGIN CERTIFICATE-----
INSERT YOUR CERT
-----END CERTIFICATE-----
)EOF";
void setup(){
WiFi.begin(ssid, password);
Serial.println("Connecting to WiFi.");
int _try = 0;
while (WiFi.status() != WL_CONNECTED)
{
Serial.print(".");
delay(500);
_try++;
// if connection not possible, go to deep-sleep
//if ( _try >= 10 ) {
//Serial.println("Can't connect to wifi, go to deep-sleep");
//ESP.deepSleep(durationSleep * 1e6);
//}
}
Serial.println("Connected to the WiFi network");
//****
//Important to set setTrustAnchors to verify certificates
//setInsecure() will allow the ssl connection without verification
//****
//client.setInsecure(); //WARNING Do NOT verify server
client.setTrustAnchors(&cert);
//NTP is required for CA Cert Validation
setClock();
//Connect to your MQTT Server and set callback
mqttclient.setServer(mqtt_server, mqtt_port);
}
我刚从一个项目中复制了这个,可能缺少一些行。如果是这样,请告诉我,我会尝试创建一个干净的代码。但总而言之,它应该可以工作。您是否测试过可以连接mosquitto命令行工具,例如mosquitto\u sub?默认情况下,在该代码中,设置了CHECK\u指纹。您是否在ESP8266代码中为代理的证书设置了正确的指纹?是的,使用代码中提到的命令获得了指纹和公钥,并且我已经尝试了所有三个选项。我只是尝试删除证书的一些行,这导致了相同的错误。据我所知,该证书不被认为是正确的。我创建了一组新的证书,它可以在命令行中工作,也可以与MQTTfx一起工作。你明白了吗?有同样的问题请看我下面的帖子,如果你仍然面临困难,请告诉我
//Simple boolean to indicate first startup loop
bool startup = false;
// Define Your Settings
const char* ssid = "";
const char* password = "";
const char* mqtt_server = "";
const char* mqtt_username = "";
const char* mqtt_password = "";
const char* mqtt_clientname = "";
const int mqtt_port = 8883;
//Replace with you issuing certificate authority Base64 format
//This is also known as the "intermediate" authority that issued
//your certificate (client.crt)
static const char digicert[] PROGMEM = R"EOF(
-----BEGIN CERTIFICATE-----
INSERT YOUR CERT
-----END CERTIFICATE-----
)EOF";
void setup(){
WiFi.begin(ssid, password);
Serial.println("Connecting to WiFi.");
int _try = 0;
while (WiFi.status() != WL_CONNECTED)
{
Serial.print(".");
delay(500);
_try++;
// if connection not possible, go to deep-sleep
//if ( _try >= 10 ) {
//Serial.println("Can't connect to wifi, go to deep-sleep");
//ESP.deepSleep(durationSleep * 1e6);
//}
}
Serial.println("Connected to the WiFi network");
//****
//Important to set setTrustAnchors to verify certificates
//setInsecure() will allow the ssl connection without verification
//****
//client.setInsecure(); //WARNING Do NOT verify server
client.setTrustAnchors(&cert);
//NTP is required for CA Cert Validation
setClock();
//Connect to your MQTT Server and set callback
mqttclient.setServer(mqtt_server, mqtt_port);
}