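Configuring the mosquitto MQTT broker to listen on multiple ports

Time: 2019-05-29 12:54:53

Tags: mqtt mosquitto

I installed mosquitto on a Win7 PC and I want it to listen on several ports, so I modified mosquitto.conf accordingly, following the mosquitto documentation and some tutorials/examples found on the web. These are the modifications I made to mosquitto.conf: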

    # Plain MQTT protocol
    listener 1883

    # MQTT over TLS/SSL
    listener 8883
    protocol mqtt
    require_certificate false

    # MQTT over TLS/SSL with certificates
    listener 8884
    protocol mqtt
    require_certificate true
    certfile cert.pem
    cafile chain.pem
    keyfile privkey.pem

    # Plain WebSockets configuration
    listener 9001
    protocol websockets

    # WebSockets over TLS/SSL
    listener 9883
    protocol websockets
    require_certificate true
    cafile mosquitto/ca.crt
    certfile mosquitto/hostname.crt
    keyfile mosquitto/hostname.key

    # Log system configuration
    log_type all 
    #log_dest file C:/Dati/mosquitto/mosquitto.log
    log_facility 5
    log_type error
    log_type warning
    log_type notice
    log_type information

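Unfortunately, these modifications no longer work. So I need a working example to study, in order to understand what is right and what is wrong. My goal is to have mosquitto listen on port 1883 (plain MQTT, unencrypted), 8883 (over TLS 1.2, but without certificates), 8884 (TLS 1.2 with certificates), 9001 (plain WebSockets) and finally 9883 (WebSockets requiring certificates).

I suspect a problem with the certificates, but I followed the indications reported on test.mosquitto.org:

The server listens on the following ports:

  • 1883: MQTT, unencrypted
  • 8883: MQTT, encrypted
  • 8884: MQTT, encrypted, client certificate required
  • 8080: MQTT over WebSockets, unencrypted
  • 8081: MQTT over WebSockets, encrypted

So it seems that no client certificate is needed to connect to port 8883.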

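Update: Finally, by starting mosquitto as a simple application rather than as a Windows service, I was able to see the log on stdio/stderr, and this is the result.

This is how I start mosquitto:

    mosquitto -c mosquitto.conf -v

This is the test command used to test mosquitto on port 8883, with its result:

    mosquitto_pub --cafile C:\Dati\mosquitto\ca.crt -h 192.168.1.2 -t "test" -m "message" -p 8883
    Error: Unknown error.

This is the test command used to test mosquitto on port 1883 (the last lines of the log file):

    mosquitto_pub -h 192.168.1.2 -t "test" -m "message" -p 1883

This is the log file: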

    1559207712: mosquitto version 1.5.8 starting
    1559207712: Config loaded from mosquitto.conf.
    1559207712: Opening ipv6 listen socket on port 8883.
    1559207712: Opening ipv4 listen socket on port 8883.
    1559207712: Opening ipv6 listen socket on port 1883.
    1559207712: Opening ipv4 listen socket on port 1883.
    1559207731: New connection from 192.168.1.2 on port 8883.
    1559207731: Socket error on client <unknown>, disconnecting.
    1559207789: New connection from 192.168.1.2 on port 1883.
    1559207789: New client connected from 192.168.1.2 as MQTT_FX_Client (c1, k60).
    1559207789: No will message specified.
    1559207789: Sending CONNACK to MQTT_FX_Client (0, 0)
    1559207808: Received DISCONNECT from MQTT_FX_Client
    1559207808: Client MQTT_FX_Client disconnected.
    1559207902: New connection from 192.168.1.2 on port 8883.
    1559207902: Socket error on client <unknown>, disconnecting.
    1559207902: New connection from 192.168.1.2 on port 8883.
    1559207902: Socket error on client <unknown>, disconnecting.
    1559207949: New connection from 192.168.1.2 on port 8883.
    1559207949: Socket error on client <unknown>, disconnecting.
    1559207949: New connection from 192.168.1.2 on port 8883.
    1559207949: Socket error on client <unknown>, disconnecting.
    1559207956: New connection from 192.168.1.2 on port 8883.
    1559207956: Socket error on client <unknown>, disconnecting.
    1559207956: New connection from 192.168.1.2 on port 8883.
    1559207956: Socket error on client <unknown>, disconnecting.
    1559207994: New connection from 192.168.1.2 on port 8883.
    1559207994: Socket error on client <unknown>, disconnecting.
    1559208345: New connection from 192.168.1.2 on port 1883.
    1559208345: New client connected from 192.168.1.2 as mosqpub|7544-NOTEBOOK (c1, k60).
    1559208345: No will message specified.
    1559208345: Sending CONNACK to mosqpub|7544-NOTEBOOK (0, 0)
    1559208345: Received PUBLISH from mosqpub|7544-NOTEBOOK (d0, q0, r0, m0, 'test', ... (7 bytes))
    1559208345: Received DISCONNECT from mosqpub|7544-NOTEBOOK
    1559208345: Client mosqpub|7544-NOTEBOOK disconnected.

I made some changes to mosquitto.conf to try to understand the situation better, and I also found something interesting using mosquitto_pub. This is the relevant part of my modified mosquitto.conf:

    # Log system configuration
    log_type all 
    #log_dest file C:\Dati\mosquitto\mosquitto.log    now stderr

    # MQTT over TLS/SSL
    listener 8893
    protocol mqtt
    allow_anonymous true
    require_certificate false
    cafile C:\Dati\mosquitto\ca.crt
    certfile C:\Dati\mosquitto\server.crt
    keyfile C:\Dati\mosquitto\server.key

    # MQTT plain
    listener 1893
    protocol mqtt

In practice, I started 2 new listeners on non-standard ports to be sure that only the configuration in mosquitto.conf affects them, so nothing too fancy... 1883 -> 1893 and 8883 -> 8893.

Now, running mosquitto_pub without SSL, this is the (correct) result:

    mosquitto_pub -h 192.168.1.2 -i "MQTT_FX_Client" -t "test" -m "message" -p 1893 -d
    Client MQTT_FX_Client sending CONNECT
    Client MQTT_FX_Client received CONNACK (0)
    Client MQTT_FX_Client sending PUBLISH (d0, q0, r0, m1, 'test', ... (7 bytes))
    Client MQTT_FX_Client sending DISCONNECT

And this is the (wrong) result of running mosquitto_pub with SSL on port 8893:

    mosquitto_pub --cafile C:\Dati\mosquitto\ca.crt -h 192.168.1.2 -i "MQTT_FX_Client" -t "test" -m "message" -p 8893 -d
    Client MQTT_FX_Client sending CONNECT
    OpenSSL Error: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
    Error: A TLS error occurred.

But using MQTT.fx with the following parameters:

  • Profile Type: MQTT Broker
  • Broker Address: 192.168.1.2
  • Broker Port: 8893
  • Client ID: MQTT_FX_Client
  • Enable SSL/TLS: yes
  • Protocol: TLSv1.2
  • CA certificate file: C:\Dati\mosquitto\ca.crt

everything works fine, as reported in the log:

    1559231176: New connection from 192.168.1.2 on port 8893.
    1559231177: New client connected from 192.168.1.2 as MQTT_FX_Client (c1, k60).
    1559231177: No will message specified.
    1559231177: Sending CONNACK to MQTT_FX_Client (0, 0)

It seems to me that the MQTT.fx and mosquitto_pub parameters are the same, but... something is still going wrong, so... what else?

Thanks, Massimo

0 answers:

No answers
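
Added example, not part of the original question and not mosquitto's own code: a small Python check that parses the `listener` blocks of a mosquitto.conf and reports which ones are actually set up for TLS. It relies on the documented behaviour that certificate-based TLS on a listener needs a server `certfile` and `keyfile`, while `require_certificate` only controls whether clients must present a certificate. `SAMPLE_CONF` is a constructed sample mirroring the first four listener blocks of the question, and `parse_listeners` and `audit` are names chosen here.

```python
# Added example (hypothetical helper names), not mosquitto's own code.
TLS_KEYS = {"cafile", "capath", "certfile", "keyfile", "require_certificate",
            "tls_version", "ciphers", "psk_hint"}

# Constructed sample mirroring the first four listener blocks in the question.
SAMPLE_CONF = """\
listener 1883
listener 8883
protocol mqtt
require_certificate false
listener 8884
protocol mqtt
require_certificate true
certfile cert.pem
cafile chain.pem
keyfile privkey.pem
listener 9001
protocol websockets
"""

def parse_listeners(text):
    """Return {port: {option: value}} for every 'listener' block."""
    listeners, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):   # blank line or comment line
            continue
        key, _, value = line.partition(" ")
        if key == "listener":                  # syntax: listener port [bind address]
            current = listeners.setdefault(int(value.split()[0]), {})
        elif current is not None:              # option belongs to the open block
            current[key] = value.strip()
    return listeners

def audit(listeners):
    """Return {port: [findings]}; an empty list means a complete TLS block."""
    report = {}
    for port, opts in listeners.items():
        findings = []
        has_cert = "certfile" in opts and "keyfile" in opts
        uses_tls = bool(TLS_KEYS & opts.keys())
        if not uses_tls:
            findings.append("plaintext listener")
        elif not (has_cert or "psk_hint" in opts):
            findings.append("TLS options set but certfile/keyfile missing")
        if opts.get("require_certificate") == "true" and not ({"cafile", "capath"} & opts.keys()):
            findings.append("require_certificate true without cafile/capath")
        report[port] = findings
    return report
```

Run `audit(parse_listeners(open("mosquitto.conf").read()))` against a real file; a port the comments call "TLS" that comes back with a finding has no server certificate configured.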