Getting AuthenticationException when connect M2Mqtt.MqttClient to Mosquitto broker with TLS

老子叫甜甜 提交于 2019-12-11 06:11:00

问题


I am new with MQTT protocol. When I searched for an MQTT server I found that Mosquitto broker is one of the most used one and therefore I have started using it. I have to develop an MQTT client on C#/.NET and I found only the M2Mqtt project and this C# MQTT client example.

I managed to install Mosquitto broker on Windows 10 and change the access control list using topics. Using MqttClient I am able to connect to the broker with an username, subscribe to topics and publish them with the following code.

Connect:

byte result = this.mqttClient.Connect(Guid.NewGuid().ToString(), username, string.Empty);

Subscribe:

this.mqttClient.Subscribe(new string[] { topic }, new byte[] { 2 });

Publish:

ushort result = this.mqttClient.Publish(topic, message, MqttMsgBase.QOS_LEVEL_EXACTLY_ONCE, true);

Now I want to add security in communications. I followed these steps to create the CA certificate, the server key and server certificate (I created the certificates twice). I changed the mosquito.conf file as explained in the link:

port 8883
cafile C:\mosquitto\certs\ca.crt
certfile C:\mosquitto\certs\server.crt
keyfile C:\mosquitto\certs\server.key

I don't know if it is necessary, but I added the ca.crt to the Trusted Root Certificates following these steps.

I changed the client to use the CA certificate in the connection:

//this.mqttClient = new MqttClient(brokerAddress);
X509Certificate caCertificate = new X509Certificate("ca.crt");
this.mqttClient = new MqttClient(brokerAddress, 8883, true, caCertificate, null, MqttSslProtocols.TLSv1_0);

A copy of the ca.crt file is in the same folder of the .exe file. When I run the application I always get the same exception:

  • uPLibrary.Networking.M2Mqtt.Exceptions.MqttConnectionException: Exception connecting to the broker
  • [Inner exception] System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

Do you know if I am missing something?


回答1:


managed to get this working. Instead of using a ca.crt I exported the certificate to a ca.pfx, installed the .pfx certificate in the client computer's Trusted Root Certification Authorities cache.

To install, Simply right click on the file, choose Local machine, and complete prompts as required. Critical to select local machine and select the proper certificate store ("Trusted Root Certification Authorities").



来源:https://stackoverflow.com/questions/47793400/getting-authenticationexception-when-connect-m2mqtt-mqttclient-to-mosquitto-brok

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!