时间戳

首页 > 解决方案 > 通过 Websockets 连接到 Mosquitto Broker 时出错

websocket - 通过 Websockets 连接到 Mosquitto Broker 时出错

问题描述

当我尝试连接我的 mqtt 服务器时,在HIVEMQ上使用客户端,我收到以下错误:

Firefox can’t establish a connection to the server at ws://burooq.com:8083/mqtt.
Connect failed: AMQJS0007E Socket error:undefined.

我正在使用以下参数:

运行命令mosquitto,我得到响应:

[ 1615.745348]~DLT~ 1670~INFO     ~FIFO /tmp/dlt cannot be opened. Retrying later...
1608926628: mosquitto version 1.6.9 starting
1608926628: Config loaded from /etc/mosquitto/conf.d/default.conf.
1608926628: Opening ipv4 listen socket on port 1883.
1608926628: Opening ipv4 listen socket on port 8883.
1608926628: Opening ipv6 listen socket on port 8883.
1608926628: Opening websockets listen socket on port 8083.

我的 Mosquitto conf 文件是:

allow_anonymous false
password_file /etc/mosquitto/passwd

listener 1883 localhost

listener 8883
certfile /etc/letsencrypt/live/burooq.com/cert.pem
cafile /etc/letsencrypt/live/burooq.com/chain.pem
keyfile /etc/letsencrypt/live/burooq.com/privkey.pem

listener 8083
protocol websockets
certfile /etc/letsencrypt/live/burooq.com/cert.pem
cafile /etc/letsencrypt/live/burooq.com/chain.pem
keyfile /etc/letsencrypt/live/burooq.com/privkey.pem

寻找所有打开的端口,我得到:

     To                         Action      From
     --                         ------      ----
[ 1] Apache Full                ALLOW IN    Anywhere
[ 2] 22/tcp                     ALLOW IN    Anywhere
[ 3] 22                         ALLOW IN    Anywhere
[ 4] 80/tcp                     ALLOW IN    Anywhere
[ 5] 80                         ALLOW IN    Anywhere
[ 6] 443/tcp                    ALLOW IN    Anywhere
[ 7] 443                        ALLOW IN    Anywhere
[ 8] 80,443/tcp                 ALLOW IN    Anywhere
[ 9] 8883                       ALLOW IN    Anywhere
[10] 8083                       ALLOW IN    Anywhere
[11] 2222                       ALLOW IN    Anywhere
[12] Apache Full (v6)           ALLOW IN    Anywhere (v6)
[13] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
[14] 22 (v6)                    ALLOW IN    Anywhere (v6)
[15] 80/tcp (v6)                ALLOW IN    Anywhere (v6)
[16] 80 (v6)                    ALLOW IN    Anywhere (v6)
[17] 443/tcp (v6)               ALLOW IN    Anywhere (v6)
[18] 443 (v6)                   ALLOW IN    Anywhere (v6)
[19] 80,443/tcp (v6)            ALLOW IN    Anywhere (v6)
[20] 8883 (v6)                  ALLOW IN    Anywhere (v6)
[21] 8083 (v6)                  ALLOW IN    Anywhere (v6)
[22] 2222 (v6)                  ALLOW IN    Anywhere (v6)

标签: websocketmosquittohivemq

解决方案

您不能使用 IP 地址,您必须使用您获得证书的主机名,例如 burooq.com

原因是浏览器将无法验证来自代理的证书,因为它没有 IP 地址的 CN 或 SAN 条目。

您还需要确保防火墙配置为允许端口 8083 上的外部访问

编辑:

同样刚刚仔细检查了 HiveMQ Websocket 展示页面,它看起来不支持通过 Websockets 代理连接到 TLS 安全的 MQTT。

推荐阅读