mqtt - 使用 Eclipse paho 的 2 路 ssl

问题描述

如何在 MQTT 中配置 2 路 ssl。

客户端jar mqttv31.1.0.jar mosquitto 1.4.8版

使用客户端身份验证时出现错误 - ssl3_get_client_certificate:peer 未返回证书。

以下是我的 mosquitto.conf 文件和 java 客户端详细信息：

mosquitto.conf

cafile /etc/mosquitto/ca_certificates/ca.pem
keyfile /etc/mosquitto/certs/server.key
certfile /etc/mosquitto/certs/server.pem
require_certificate true
use_identity_as_username true

port 8883

java客户端

client = new MqttClient("ssl://localhost:8883", "Session_3");
connOpt = new MqttConnectOptions();
connOpt.setCleanSession(true);

Properties sslProperties = new Properties();

sslProperties.put(SSLSocketFactoryFactory.TRUSTSTORE, 
"/home/KeyStore.jks");
sslProperties.put(SSLSocketFactoryFactory.TRUSTSTOREPWD, "123456");
sslProperties.put(SSLSocketFactoryFactory.TRUSTSTORETYPE, "JKS");
sslProperties.put(SSLSocketFactoryFactory.CLIENTAUTH, true);

sslProperties.put(SSLSocketFactoryFactory.KEYSTORE, 
"/home/clientStore.jks");
sslProperties.put(SSLSocketFactoryFactory.KEYSTOREPWD, "123456");
sslProperties.put(SSLSocketFactoryFactory.KEYSTORETYPE, "JKS");


connOpt.setSSLProperties(sslProperties);

client.connect(connOpt);

client.subscribe("sample_T");

client.setCallback( new MQTTSampleSubscriber() );

得到错误

MQTT Con: Session_3, READ: TLSv1.2 Alert, length = 2
MQTT Con: Session_3, RECV TLSv1.2 ALERT: fatal, handshake_failure
%% Invalidated: [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
MQTT Con: Session_3, called closeSocket()
MQTT Con: Session_3, Exception while waiting for close 
javax.net.ssl.SSLHandshakeException: Received fatal alert: 
handshake_failure
MQTT Con: Session_3, handling exception: 
javax.net.ssl.SSLHandshakeException: Received fatal alert: 
handshake_failure
MQTT Con: Session_3, called close()
MQTT Con: Session_3, called closeInternal(true)

mosquitto log says :

peer did not return a certificate

标签： mqttpaho