如何解决QT MQTT安全连接
我已经设置了本地mosquitto服务器;我可以使用没有SSL的QT(5.15.0)MQTT连接到它。
尝试使用SSL对其进行配置,看到了关于该主题的不同文章。我仍然无法与服务器正确进行TLS握手。
我能够连接到mosquitto服务器,但是它指出套接字错误并断开连接:
1598878059: mosquitto version 1.6.10 starting
1598878059: Config loaded from .\mosquitto.conf.
1598878059: opening ipv6 listen socket on port 8883.
1598878059: opening ipv4 listen socket on port 8883.
1598878082: New connection from 192.168.1.34 on port 8883.
1598878082: Socket error on client <unkNown>,disconnecting.
需要注意的是,MQTT.fx客户端可以使用SSL / TLS和相同的证书成功地与相同的本地mosquitto安装/配置对话。仅Qt MQTT代码就有套接字错误问题。
mosquitto配置非常简单:
# Port to use for the default listener.
port 8883
# At least one of cafile or capath must be defined. They both
# define methods of accessing the PEM encoded Certificate
# Authority certificates that have signed your server certificate
# and that you wish to trust.
# cafile defines the path to a file containing the CA certificates.
# capath defines a directory that will be searched for files
# containing the CA certificates. For capath to work correctly,the
# certificate files must have ".crt" as the file ending and you must run
# "openssl rehash <path to capath>" each time you add/remove a certificate.
#cafile
#capath
cafile C:\Program Files\mosquitto\certs\m2mqtt_ca.crt
# Path to the PEM encoded server certificate.
certfile C:\Program Files\mosquitto\certs\m2mqtt_srv.crt
# Path to the PEM encoded keyfile.
keyfile C:\Program Files\mosquitto\certs\m2mqtt_srv.key
在客户端,我确实看到了:
"OpenSSL 1.1.1d 10 Sep 2019"
true
"OpenSSL 1.1.1d 10 Sep 2019"
Default SSL configuration isNull: false
SSL configuration used by QNAM isNull: true
State: Connecting
State: disconnected
256
我用来测试连接的代码:
#include <QCoreApplication>
#include <QtMqtt>
#include <QtNetwork/QNetworkAccessManager>
#include <QtNetwork/qnetworkrequest>
#include <QtNetwork/QNetworkReply>
#include <QSslSocket>
#include <QSslConfiguration>
#if 1
const QByteArray pem = R"(-----BEGIN CERTIFICATE-----
MIIC8DCCAlmgAwIBAgIJAOD63PlXjJi8MA0GCSqGSIb3DQEBBQUAMIGQMQswCQYD
VQQGEwJHQjEXMBUGA1UECAwOVW5pdGVkIEtpbmdkb20xDjAMBgNVBAcMBURlcmJ5
MRIwEAYDVQQKDAlNb3NxdWl0dG8xCzAJBgNVBAsMAkNBMRYwFAYDVQQDDA1tb3Nx
dWl0dG8ub3JnMR8wHQYJKoZIhvcNAQkBFhByb2dlckBhdGNob28ub3JnMB4XDTEy
MDYyOTIyMTE1OVoXDTIyMDYyNzIyMTE1OVowgZAxCzAJBgNVBAYTAkdCMRcwFQYD
VQQIDA5Vbml0ZWQgS2luZ2RvbTEOMAwGA1UEBwwFRGVyYnkxEjAQBgNVBAoMCU1v
c3F1aXR0bzELMAkGA1UECwwCQ0ExFjAUBgNVBAMMDW1vc3F1aXR0by5vcmcxHzAd
BgkqhkiG9w0BCQEWEHJvZ2VyQGF0Y2hvby5vcmcwgZ8wDQYJKoZIhvcNAQEBBQAD
gY0AMIGJAoGBAMYkLmX7SqOT/jJCZoQ1NWdCrr/pq47m3xxyXcI+FLEmwbE3R9vM
rE6sRbP2S89pfrCt7iuiTXPKycpucIU0mtcT1OqxGBV2lb6RaOT2gC5pxyGaFJ+h
A+GIbdYKO3JprPxSBoRponZJvDGEZuM3N7p3S/lRoi7G5wG5mvUmaE5RAgMBAAGj
UDBOMB0GA1UdDgQWBBTad2QneVztIPQzRRGj6ZHKqJTv5jAfBgNVHSMEGDAWgBTa
d2QneVztIPQzRRGj6ZHKqJTv5jAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA
A4GBAAqw1rK4NlRUCUBLhEFUQasjP7xfFqlVbE2cRy0Rs4o3KS0JwzQVBwG85xge
REyPOFdGdhBY2P1FNRy0MDr6xr+D2ZOwxs63dG1nnAnWZg7qwoLgpZ4fESPD3PkA
1ZgKJc2zbSQ9fCPxt2W3mdVav66c6fsb7els2W2Iz7gERJSX
-----END CERTIFICATE-----
)";
#endif
// Connecting to Secure MQTT with QtMqtt and SSL
// https://stackoverflow.com/questions/57829480/how-do-i-perform-a-secure-mqtt-using-qtmqtt-and-ssl
int main(int argc,char *argv[])
{
QCoreApplication a(argc,argv);
// const QString hostname{"test.mosquitto.org"}; // Mosquitto public test server
const QString hostname{"192.168.1.34"}; // Local Mosquitto test server
const quint16 port = 8883;
const QMqttTopicName topic{"qtmqtt/ssl_test"};
const QMqttTopicFilter filter{"qtmqtt/#"};
QSslCertificate cert = QSslCertificate(pem,QSsl::Pem);
QSslConfiguration config; // Since QT 5.14,SSL transport config
config.defaultConfiguration();
config.setProtocol(QSsl::TlsV1_2); // needs to be handled explicitly with
config.addCaCertificate(cert); // client.connectToHostEncrypted(config);
config.setLocalCertificate(cert);
QMqttClient client;
client.setHostname(hostname);
client.setPort(port);
QNetworkAccessManager qnam;
qnetworkrequest request;
QNetworkReply *reply = qnam.get(request);
// Check OpenSSL support is functional
// https://stackoverflow.com/questions/58625924/qt-error-message-qt-network-ssl-qsslsocketconnecttohostencrypted-tls-initia
qDebug() << QSslSocket::ssllibraryBuildVersionString();
qDebug() << QSslSocket::supportsSsl();
qDebug() << QSslSocket::ssllibraryVersionString();
// Check SSL configuration
// https://stackoverflow.com/questions/3683826/qnetworkrequest-and-default-ssl-configuration
qDebug() << "Default SSL configuration isNull: "
<< QSslConfiguration::defaultConfiguration().isNull();
qDebug() << "SSL configuration used by QNAM isNull: "
<< reply->sslConfiguration().isNull();
QObject::connect(&client,&QMqttClient::stateChanged,[](QMqttClient::ClientState state){
if(state == QMqttClient::disconnected)
qDebug() << " State: disconnected";
else if(state == QMqttClient::Connecting)
qDebug() << " State: Connecting";
else if(state == QMqttClient::Connected)
qDebug() << " State: Connected";
});
QObject::connect(&client,&QMqttClient::errorChanged,[](QMqttClient::ClientError error){
qDebug() << error;
});
QObject::connect(&client,&QMqttClient::messageReceived,[](const QByteArray &message,const QMqttTopicName &topic){
qDebug() << " Received Topic:" << topic.name() << " Message: " << message;
});
QTimer timer;
QObject::connect(&timer,&QTimer::timeout,[&client,&topic](){
if(client.publish(topic,QDateTime::currentDateTime().toString().toUtf8()) == -1)
qDebug() << "Error: Could not publish message";
});
QObject::connect(&client,&QMqttClient::connected,&timer,&filter](){
QMqttSubscription *subscription = client.subscribe(filter);
if(!subscription)
qDebug() << "Could not subscribe";
timer.start(1000);
});
client.connectToHostEncrypted(config);
return a.exec();
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
