MQTT服务-Mosquitto简单安装及TLS双向认证配置
|
一. 安装配置Mosquitto 1. yum安装Mosquitto yum install epel-release -y yum search mosquitto yum install mosquitto-devel mosquitto -y 2. 配置?Mosquitto egrep -v ‘^#|^$‘ /etc/mosquitto/mosquitto.conf pid_file /var/run/mosquitto.pid port 1883 #默认连接端口 persistence true persistence_location /var/lib/mosquitto/ #创建对应目录 log_dest file /var/log/mosquitto/mosquitto.log #创建对应目录 log_type all 3. 启动?Mosquitto systemctl start mosquitto
systemctl enable mosquitto
systemctl status mosquitto
4、安装MQTT客户端测试工具mqttfx ?下载地址:http://mqttfx.bceapp.com/
下载安装完成,打开软件进行测试
?
?
?出现以上现象说明配置成功! 二. 配置Mosquitto的TLS双向认证 采用Openssl作为TLS的实现 mkdir /etc/mosquitto/Myca && cd /etc/mosquitto/Myca
1. 产生CA的key和证书文件 1) 生成ca的密钥文件
[[email?protected] ca]# openssl genrsa -des3 -out ca.key 2048 Generating RSA private key,2048 bit long modulus ..........................+++ .........................................................................+++ e is 65537 (0x10001) Enter pass phrase for ca.key: Verifying - Enter pass phrase for ca.key: ? ?
2. 生成server端证书 3. 生成client端证书 1)生成client的私钥openssl genrsa -out client.key 20482)生成client端请求文件(.csr)openssl req -new -out client.csr -key client.key3)生成服务端的证书openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt -days 3650 (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
