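How to solve MQTTnet: Unable to connect with TLS: Interop+AppleCrypto+SslException: bad protocol version
I am a new .NET Core user trying to learn how to connect a managed client with TLS using MQTTnet on macOS Catalina.
I am trying to connect to a Mosquitto broker from an ASP.NET Core 3 background service. Using MqttExplorer, I can connect to the server successfully over TLS with a username, password and server certificate (CA) file, so I know the Mosquitto broker is configured correctly.
However, I cannot achieve the same with MQTTnet.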
    using (var fileStream = new FileStream(_Config.Tls.CACerts, FileMode.Open))
    using (var memoryStream = new MemoryStream((int)fileStream.Length))
    {
        // Read the CA certificate file into memory.
        fileStream.CopyTo(memoryStream);
        _Logger.LogInformation($"Read file stream with length {memoryStream.Length} bytes, trying to connect with options:");
        // This line writes the broker password to the log.
        _Logger.LogInformation($"mqtt://{_Config.UserName}:{_Config.Password}/{_Config.Host}:{_Config.Port}");
        _MqttOptions = new ManagedMqttClientOptionsBuilder()
            .WithAutoReconnectDelay(TimeSpan.FromSeconds(5))
            .WithClientOptions(new MqttClientOptionsBuilder()
                .WithClientId(Guid.NewGuid().ToString())
                .WithCredentials(_Config.UserName, _Config.Password)
                .WithTcpServer(_Config.Host, _Config.Port)
                .WithTls(
                    o =>
                    {
                        o.UseTls = true;
                        // Accepts certificates that fail chain validation.
                        o.AllowUntrustedCertificates = true;
                        // The client offers TLS 1.2 only.
                        o.SslProtocol = SslProtocols.Tls12;
    #if WINDOWS_UWP
                        o.Certificates = new List<byte[]>
                        {
                            new X509Certificate(memoryStream.ToArray()).Export(X509ContentType.Cert)
                        };
    #else
                        o.Certificates = new List<X509Certificate>
                        {
                            new X509Certificate(memoryStream.ToArray())
                        };
    #endif
                        // Logs the policy errors, then accepts the certificate regardless.
                        o.CertificateValidationHandler = (context) =>
                        {
                            _Logger.LogInformation($"SSL POLICY ERRORS {context.SslPolicyErrors.ToString()}");
                            return true;
                        };
                    }
                )
                .Build())
            .Build();
    }
I get the following exception:
MQTTnet.Exceptions.MqttCommunicationException: Authentication failed, see inner exception.
 ---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.
 ---> Interop+AppleCrypto+SslException: bad protocol version
   --- End of inner exception stack trace ---
   at System.Net.Security.SslStream.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)
   at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.PartialFrameCallback(AsyncProtocolRequest asyncRequest)
--- End of stack trace from previous location where exception was thrown ---
   at System.Net.Security.SslStream.ThrowIfExceptional()
   at System.Net.Security.SslStream.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.Security.SslStream.EndProcessAuthentication(IAsyncResult result)
   at System.Net.Security.SslStream.EndAuthenticateAsClient(IAsyncResult asyncResult)
   at System.Net.Security.SslStream.<>c.<AuthenticateAsClientAsync>b__64_2(IAsyncResult iar)
   at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
   at MQTTnet.Implementations.MqttTcpChannel.ConnectAsync(CancellationToken cancellationToken)
   at MQTTnet.Implementations.MqttTcpChannel.ConnectAsync(CancellationToken cancellationToken)
   at MQTTnet.Internal.MqttTaskTimeout.WaitAsync(Func`2 action, TimeSpan timeout, CancellationToken cancellationToken)
   at MQTTnet.Adapter.MqttChannelAdapter.ConnectAsync(TimeSpan timeout, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at MQTTnet.Adapter.MqttChannelAdapter.WrapException(Exception exception)
   at MQTTnet.Adapter.MqttChannelAdapter.ConnectAsync(TimeSpan timeout, CancellationToken cancellationToken)
   at MQTTnet.Client.MqttClient.ConnectAsync(IMqttClientOptions options, CancellationToken cancellationToken)
>> [2020-10-02T16:07:03.9254330Z] [4] [MqttClient] [Verbose]: disconnecting [Timeout=00:00:10]
>> [2020-10-02T16:07:03.9255750Z] [4] [MqttClient] [Verbose]: disconnected from adapter.
>> [2020-10-02T16:07:03.9256240Z] [4] [MqttClient] [Info]: disconnected.
In addition, I explicitly tried adding WithProtocolVersion(MQTTnet.Formatter.MqttProtocolVersion.V311) to the client options builder.
Can anyone help?
Solution
There is a very similar issue on GitHub.
As a workaround, one user proposed the following CLI command:
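Some documentation about it:
Trust the ASP.NET Core HTTPS development certificate on Windows and macOS
Installing the .NET Core SDK installs the ASP.NET Core HTTPS development certificate to the local user certificate store. The certificate has been installed, but it's not trusted. To trust the certificate, perform the one-time step to run the dotnet dev-certs tool: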
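Managed to get it working!
The problem was that the mosquitto broker was configured to use TLS v1.3 only. However, TLS 1.3 does not seem to be supported in a macOS environment with dotnet core 3.1? It is available in a Linux environment if openssl 1.1.1 is available.
I have downgraded the mosquitto broker configuration to use TLS version 1.2, and the code above now connects.
If anyone has managed to connect a dotnet core 3.1 client to a mosquitto broker using TLSv1.3, any details would be much appreciated.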
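Added example, not part of the original posts: a stand-alone probe that offers the broker one TLS version at a time from the same .NET runtime, to confirm a version mismatch like the one described above before changing the broker configuration. The names TlsVersionProbe, ProbeAsync and ChainsToCa and the three command-line arguments (host, port, CA file) are assumptions; the broker certificate is checked against the CA file rather than accepted unconditionally.

```csharp
// Added example with hypothetical names; args: <host> <port> <path to CA certificate file>
using System;
using System.Linq;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
using System.Threading;
using System.Threading.Tasks;

static class TlsVersionProbe
{
    // True only if the broker's chain terminates in the CA certificate we were given.
    static bool ChainsToCa(X509Certificate cert, X509Certificate2 ca)
    {
        using var chain = new X509Chain();
        chain.ChainPolicy.ExtraStore.Add(ca);
        chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
        chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
        if (!chain.Build(new X509Certificate2(cert))) return false;
        var root = chain.ChainElements[chain.ChainElements.Count - 1].Certificate;
        return root.RawData.SequenceEqual(ca.RawData);
    }
    static async Task<string> ProbeAsync(string host, int port, SslProtocols protocol, X509Certificate2 ca)
    {
        try
        {
            using var tcp = new TcpClient();
            await tcp.ConnectAsync(host, port);
            using var ssl = new SslStream(tcp.GetStream(), false);
            await ssl.AuthenticateAsClientAsync(new SslClientAuthenticationOptions
            {
                TargetHost = host,
                EnabledSslProtocols = protocol, // offer exactly one version per attempt
                // Tolerate only the "unknown root" chain error, and only when the root is our CA.
                RemoteCertificateValidationCallback = (_, cert, __, errors) =>
                    (errors & ~SslPolicyErrors.RemoteCertificateChainErrors) == SslPolicyErrors.None
                    && cert != null && ChainsToCa(cert, ca)
            }, CancellationToken.None);
            return $"accepted, negotiated {ssl.SslProtocol}";
        }
        // Covers a handshake rejected by the broker and a version the platform cannot offer.
        catch (Exception ex) { return $"failed: {(ex.InnerException ?? ex).Message}"; }
    }
    static async Task Main(string[] args)
    {
        var ca = new X509Certificate2(args[2]);
        foreach (var p in new[] { SslProtocols.Tls12, SslProtocols.Tls13 })
            Console.WriteLine($"{p}: {await ProbeAsync(args[0], int.Parse(args[1]), p, ca)}");
    }
}
```

A version that fails here while the broker is known to require it points at the client platform or the pinned SslProtocol value, not at the credentials or the certificate.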