Ssl 使用自签名证书时,无法将arduino mkr1000与mosquitto代理连接
我使用自签名证书连接到mqtt服务器时遇到问题。我想将mkr1000安全地连接到ubuntu上的mosquitto MQTT服务器。我使用ArduinoECX08CSR示例在mkr1000上生成CSR,并使用ubuntu的CA文件创建证书(.crt)。下面我将介绍为我的项目生成CA、CSR和CRT文件的过程 程序一 Ubuntu机器步骤 在ubuntu中生成证书颁发机构证书和密钥 在这里我得到了ca.key和ca.crt,在这里我用了“ubuntuip”作为通用名 服务器: 生成服务器密钥Ssl 使用自签名证书时,无法将arduino mkr1000与mosquitto代理连接,ssl,arduino,openssl,mosquitto,self-signed-certificate,Ssl,Arduino,Openssl,Mosquitto,Self Signed Certificate,我使用自签名证书连接到mqtt服务器时遇到问题。我想将mkr1000安全地连接到ubuntu上的mosquitto MQTT服务器。我使用ArduinoECX08CSR示例在mkr1000上生成CSR,并使用ubuntu的CA文件创建证书(.crt)。下面我将介绍为我的项目生成CA、CSR和CRT文件的过程 程序一 Ubuntu机器步骤 在ubuntu中生成证书颁发机构证书和密钥 在这里我得到了ca.key和ca.crt,在这里我用了“ubuntuip”作为通用名 服务器: 生成服务器密钥 o
openssl genrsa -des3 -out server.key 2048
#passphrase :abcd
#I tried both ways with and without -des3
openssl genrsa -out server.key 2048
openssl req -out server.csr -key server.key -new
openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 365
openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt -days 365
#include <PubSubClient.h>
#include <WiFi101.h>
#include <ArduinoBearSSL.h>
#include <ArduinoECCX08.h>
#include <ArduinoJson.h>
#include <OneWire.h>
#include <DallasTemperature.h>
#include "arduino_secrets.h"
#define ONE_WIRE_BUS 2
#For connecting to secure mqtt broker at port no 8883, we are generating ECCX08CSR example from #ArduinoECCX08 library for ECC508 & ECC608 crypto chips, examples in Arduino IDE.##
#Burned code example ECCX08CSR in mkr1000 board
#On serial monitor we filled the attributes
#“”””’Serial Monitor”””””””’
ECCX08 Serial Number = 012322619525B27AAF
#Hi there, in order to generate a new CSR for your board, we'll need the following information ...
Country Name (2 letter code) []:
State or Province Name (full name) []:
Locality Name (eg, city) []:
Organization Name (eg, company) []:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) [012322619525B27AAF]: 54.196.102.5########
#########54.196.102.5 is used as a common name
What slot would you like to use? (0 - 4) [0]: 0
Would you like to generate a new private key? (Y/n) [Y]: y
Here's your CSR, enjoy!
-----BEGIN CERTIFICATE REQUEST-----
MIHKMHICAQAwEDEOMAwGA1UEAxMFbXlta3IwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARo6lo/
SW6XJ3vWTptpq+xRfiGtVXlfx0H7PRfZqrQCEA6NCkD+DZUQA5hNekMPzveohJscta5PYqAwCQet
TxxhoAAwCgYIKoZIzj0EAwIDSAAwRQIgQbwP9SF10O1dVyXsrNhr/HIEP/o2YzRyN7aqeSYaSvQC
IQCaH6+svv9/oV9bfqePi67PrcDLX+PGkAXlTlZlwJD5ZA==
-----END CERTIFICATE REQUEST-----
“””””””“
mosquitto_sub -h “UBUNTU IP” -t “Home” --cafile /home/ubuntu/client.crt -p 8333
//////////////////////
const char SECRET_CERTIFICATE[] = R"(-----BEGIN CERTIFICATE-----
MIICZTCCAU0CCQDPGXh/GuZk5zANBgkqhkiG9w0BAQsFADB7MQswCQYDVQQGEwJV
UzENMAsGA1UECAwET2hpbzENMAsGA1UEBwwEb2hpbzEMMAoGA1UECgwDaW90MQsw
CQYDVQQLDAJDQTEzMDEGA1UEAwwqSXAtMTcyLTMxLTM0LTQzLnVzLWVhc3QtMi5j
b21wdXRlLmludGVybmFsMB4XDTIwMDEwNTE3MjkwOFoXDTMwMDEwMjE3MjkwOFow
OTE3MDUGA1UEAxMuZWMyLTMtMTQtMy0xMTIudXMtZWFzdC0yLmNvbXB1dGUuYW1h
em9uYXdzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDDoEdFWMR6ELTDC
R/8O1kle/6hVEmUA5q+OlSXeUID76FQ5aFG5PkdQcOOI1TfAwBDTTj3Ga+SIKey2
tXtdkGwwDQYJKoZIhvcNAQELBQADggEBAGNaTcYI2hnUXufV5LWtQPXxBwciPy7/
apRhd3e2T5j1HuxO9F1uJ5pT5pv+31Cn/d1Aqu/ZmXPMPHRVOl1845cGrm8cYWcj
ZY1puYQk91t3g9pLHmZbphvL5QeAXPgtZ/saqr3Jch36FvSJrMMy3w+1UXesYFFX
/lDpwSjSF0F6SqfcezRjp+JFZgl4CHUdXVA1j5K0hwZAm3p8dCdSZABn8SIVdNEc
jFq4lBxjCoivlTHpQSEeUu30pxyM/CEq0sdxjhIUeq2/74NbKVpGrZJpTRWOxkMG
lzW+H3txpiuCTedk5FluO4cqUsjlRrlqeC4cZAREVwz11SVhB5Hj8fE=
-----END CERTIFICATE-----
)"
////////////////////////
'''
#include <PubSubClient.h>
#include <WiFi101.h>
#include <ArduinoBearSSL.h>
#include <ArduinoECCX08.h>
#include <ArduinoJson.h>
#include <OneWire.h>
#include <DallasTemperature.h>
#include "arduino_secrets.h"
#define ONE_WIRE_BUS 2
OneWire oneWire(ONE_WIRE_BUS);
DallasTemperature sensors(&oneWire);
String temp;
''' const char* ssid = "XXXXXX";
const char* password = "XXXX";
const char* certificate = SECRET_CERTIFICATE;
const char* mqtt_server = "";
'''
WiFiClient espClient;
'''BearSSLClient espClient1(espClient);
PubSubClient client(espClient1);
long lastMsg = 0;
char msg[100];
long long int Node_ID = 44;
int value = 0;
int i= 0;
long int tempint;
void setup_wifi()
{ delay(10);
// We start by connecting to a WiFi network
'''
while (!Serial);
if (!ECCX08.begin())
{
Serial.println("No ECCX08 present!");
while (1);
}'''
'''ArduinoBearSSL.onGetTime(getTime);
espClient1.setEccSlot(0, certificate);
Serial.print("Connecting to ");
Serial.println(ssid);
''' WiFi.begin(ssid, password);
while (WiFi.status() != WL_CONNECTED)
{
delay(500);
Serial.print(".");
}
randomSeed(micros());
Serial.println("");
Serial.println("WiFi connected");
Serial.println("IP address: ");
Serial.println(WiFi.localIP());
}
void callback(char* topic, byte* payload, unsigned int length)
{
Serial.print("Message arrived [");
Serial.print(topic);
Serial.print("] ");
for (int i = 0; i < length; i++)
{
Serial.print((char)payload[i]);
}
Serial.println();
// Switch on the LED if an 1 was received as first character
if ((char)payload[0] == '1')
{
// digitalWrite(BUILTIN_LED, LOW); // Turn the LED on (Note that LOW is the voltage level
// but actually the LED is on; this is because
// it is active low on the ESP-01)
}
else
{
// digitalWrite(BUILTIN_LED, HIGH); // Turn the LED off by making the voltage HIGH
}
}
'''
void reconnect()
{
// Loop until we're reconnected
while (!client.connected()) {
Serial.print("Attempting MQTT connection...");
// Create a random client ID
String clientId = "Client-";
clientId += String(random(0xffff), HEX);
// Attempt to connect
if (client.connect(clientId.c_str())) {
Serial.println("connected");
// Once connected, publish an announcement...
client.publish("accelout", "hello vinit");
// ... and resubscribe
client.subscribe("inTopic");
} else {
Serial.print("failed, rc=");
Serial.print(client.state());
Serial.println(" try again in 5 seconds");
// Wait 5 seconds before retrying
delay(5000);
}
}
}
void setup()
{
Serial.begin(115200);
setup_wifi();
Serial.println("Dallas temp started");
sensors.begin();
client.setServer(mqtt_server, 8883);
client.setCallback(callback);
// Start the serial terminal
}
void loop()
{
i=++i;
if (!client.connected())
{
reconnect();
}
client.loop();
sensors.requestTemperatures();
long now = millis();
StaticJsonDocument<400> doc;
doc["ID"] = Node_ID;
doc["RN"] = i;
doc["Temp"] = sensors.getTempCByIndex(0);
Serial.println();
serializeJsonPretty(doc,msg);
Serial.println("Sending message to MQTT topic..");
Serial.println(msg);
client.publish("Home",msg);
unsigned long getTime()
{
// get the current time from the WiFi module
return WiFi.getTime();
}
“”
#包括
#包括
#包括
#包括
#包括
#包括
#包括
#包括“arduino_secrets.h”
#定义一条线\u总线2
单线单线(单线总线);
达拉斯温度传感器(单线);
字符串温度;
''const char*ssid=“XXXXXX”;
const char*password=“XXXX”;
const char*certificate=秘密证书;
const char*mqtt_server=“”;
'''
无线客户端;
''承担客户espClient 1(espClient);
PubSubClient客户(espClient1);
long lastMsg=0;
char-msg[100];
长整型节点_ID=44;
int值=0;
int i=0;
长int-tempint;
无效设置\u wifi()
{延迟(10);
//我们从连接WiFi网络开始
'''
而(!串行);
如果(!ECCX08.begin())
{
Serial.println(“不存在ECCX08!”);
而(1),;
}'''
''ArduinoBearSSL.onGetTime(getTime);
espClient1.setEccSlot(0,证书);
串行打印(“连接到”);
序列号println(ssid);
''WiFi.begin(ssid,密码);
while(WiFi.status()!=WL_已连接)
{
延迟(500);
连续打印(“.”);
}
随机种子(micros());
Serial.println(“”);
Serial.println(“WiFi连接”);
Serial.println(“IP地址:”);
Serial.println(WiFi.localIP());
}
无效回调(字符*主题,字节*有效负载,无符号整数长度)
{
串行打印(“消息到达[”);
连续打印(主题);
序列号。打印(“]”);
for(int i=0;i烧录此代码后,我将连接到串行监视器上的wifi消息,但mkr1000仍无法连接到mqtt服务器,代码每5分钟重试一次以连接到服务器。还询问:是的,我已在那里发布。
//////////////////////
const char SECRET_CERTIFICATE[] = R"(-----BEGIN CERTIFICATE-----
MIICZTCCAU0CCQDPGXh/GuZk5zANBgkqhkiG9w0BAQsFADB7MQswCQYDVQQGEwJV
UzENMAsGA1UECAwET2hpbzENMAsGA1UEBwwEb2hpbzEMMAoGA1UECgwDaW90MQsw
CQYDVQQLDAJDQTEzMDEGA1UEAwwqSXAtMTcyLTMxLTM0LTQzLnVzLWVhc3QtMi5j
b21wdXRlLmludGVybmFsMB4XDTIwMDEwNTE3MjkwOFoXDTMwMDEwMjE3MjkwOFow
OTE3MDUGA1UEAxMuZWMyLTMtMTQtMy0xMTIudXMtZWFzdC0yLmNvbXB1dGUuYW1h
em9uYXdzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDDoEdFWMR6ELTDC
R/8O1kle/6hVEmUA5q+OlSXeUID76FQ5aFG5PkdQcOOI1TfAwBDTTj3Ga+SIKey2
tXtdkGwwDQYJKoZIhvcNAQELBQADggEBAGNaTcYI2hnUXufV5LWtQPXxBwciPy7/
apRhd3e2T5j1HuxO9F1uJ5pT5pv+31Cn/d1Aqu/ZmXPMPHRVOl1845cGrm8cYWcj
ZY1puYQk91t3g9pLHmZbphvL5QeAXPgtZ/saqr3Jch36FvSJrMMy3w+1UXesYFFX
/lDpwSjSF0F6SqfcezRjp+JFZgl4CHUdXVA1j5K0hwZAm3p8dCdSZABn8SIVdNEc
jFq4lBxjCoivlTHpQSEeUu30pxyM/CEq0sdxjhIUeq2/74NbKVpGrZJpTRWOxkMG
lzW+H3txpiuCTedk5FluO4cqUsjlRrlqeC4cZAREVwz11SVhB5Hj8fE=
-----END CERTIFICATE-----
)"
////////////////////////
'''
#include <PubSubClient.h>
#include <WiFi101.h>
#include <ArduinoBearSSL.h>
#include <ArduinoECCX08.h>
#include <ArduinoJson.h>
#include <OneWire.h>
#include <DallasTemperature.h>
#include "arduino_secrets.h"
#define ONE_WIRE_BUS 2
OneWire oneWire(ONE_WIRE_BUS);
DallasTemperature sensors(&oneWire);
String temp;
''' const char* ssid = "XXXXXX";
const char* password = "XXXX";
const char* certificate = SECRET_CERTIFICATE;
const char* mqtt_server = "";
'''
WiFiClient espClient;
'''BearSSLClient espClient1(espClient);
PubSubClient client(espClient1);
long lastMsg = 0;
char msg[100];
long long int Node_ID = 44;
int value = 0;
int i= 0;
long int tempint;
void setup_wifi()
{ delay(10);
// We start by connecting to a WiFi network
'''
while (!Serial);
if (!ECCX08.begin())
{
Serial.println("No ECCX08 present!");
while (1);
}'''
'''ArduinoBearSSL.onGetTime(getTime);
espClient1.setEccSlot(0, certificate);
Serial.print("Connecting to ");
Serial.println(ssid);
''' WiFi.begin(ssid, password);
while (WiFi.status() != WL_CONNECTED)
{
delay(500);
Serial.print(".");
}
randomSeed(micros());
Serial.println("");
Serial.println("WiFi connected");
Serial.println("IP address: ");
Serial.println(WiFi.localIP());
}
void callback(char* topic, byte* payload, unsigned int length)
{
Serial.print("Message arrived [");
Serial.print(topic);
Serial.print("] ");
for (int i = 0; i < length; i++)
{
Serial.print((char)payload[i]);
}
Serial.println();
// Switch on the LED if an 1 was received as first character
if ((char)payload[0] == '1')
{
// digitalWrite(BUILTIN_LED, LOW); // Turn the LED on (Note that LOW is the voltage level
// but actually the LED is on; this is because
// it is active low on the ESP-01)
}
else
{
// digitalWrite(BUILTIN_LED, HIGH); // Turn the LED off by making the voltage HIGH
}
}
'''
void reconnect()
{
// Loop until we're reconnected
while (!client.connected()) {
Serial.print("Attempting MQTT connection...");
// Create a random client ID
String clientId = "Client-";
clientId += String(random(0xffff), HEX);
// Attempt to connect
if (client.connect(clientId.c_str())) {
Serial.println("connected");
// Once connected, publish an announcement...
client.publish("accelout", "hello vinit");
// ... and resubscribe
client.subscribe("inTopic");
} else {
Serial.print("failed, rc=");
Serial.print(client.state());
Serial.println(" try again in 5 seconds");
// Wait 5 seconds before retrying
delay(5000);
}
}
}
void setup()
{
Serial.begin(115200);
setup_wifi();
Serial.println("Dallas temp started");
sensors.begin();
client.setServer(mqtt_server, 8883);
client.setCallback(callback);
// Start the serial terminal
}
void loop()
{
i=++i;
if (!client.connected())
{
reconnect();
}
client.loop();
sensors.requestTemperatures();
long now = millis();
StaticJsonDocument<400> doc;
doc["ID"] = Node_ID;
doc["RN"] = i;
doc["Temp"] = sensors.getTempCByIndex(0);
Serial.println();
serializeJsonPretty(doc,msg);
Serial.println("Sending message to MQTT topic..");
Serial.println(msg);
client.publish("Home",msg);
unsigned long getTime()
{
// get the current time from the WiFi module
return WiFi.getTime();
}