问题
I am trying to use TLS for communicating over mqtt. I have ubuntu installed in my system. For using TLS, I have created certificates using the below link:
http://www.embedded101.com/Blogs/PaoloPatierno/entryid/366/mqtt-over-ssl-tls-with-the-m2mqtt-library-and-the-mosquitto-broker
I am able to create certificates. But when I give value to bind_address property in the mosquitto_m2mqtt.conf file and start mosquitto using the command mosquitto -c mosquitto_m2mqtt.conf
, I get error as given in the subject of the question; i.e., Error: cannot assign requested address
. Please let me know how to resolve this.
Below is the content of config file:
port 8883
bind_address iothdp02
cafile /etc/mosquitto/m2mqtt_ca.crt
certfile /etc/mosquitto/m2mqtt_srv.crt
keyfile /etc/mosquitto/m2mqtt_srv.key
tls_version tlsv1
When I run the command mosquitto -c mosquitto_m2mqtt.conf -v
, I am getting as error as:
1551089294: mosquitto version 1.4.8 (build date 2016-09-21 11:21:45+0530) starting
1551089294: Config loaded from mosquitto_m2mqtt.conf.
1551089294: Opening ipv4 listen socket on port 8883.
1551089294: Error: Cannot assign requested address
Edit 1:
I have removed bind_address
from config file and starting mosquitto with the new config file with 'mosquitto -c mosquitto_m2mqtt.conf -v'. Mosquitto starts, but when I run mosquitto_sub command, I am getting error as below:
mosquitto -c mosquitto_m2mqtt.conf -v
1551172930: mosquitto version 1.4.8 (build date 2016-09-21 11:21:45+0530) starting
1551172930: Config loaded from mosquitto_m2mqtt.conf.
1551172930: Opening ipv4 listen socket on port 8883.
1551172930: Opening ipv6 listen socket on port 8883.
Enter PEM pass phrase:
1551172960: New connection from 127.0.0.1 on port 8883.
1551172960: OpenSSL Error: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown
1551172960: OpenSSL Error: error:140940E5:SSL routines:ssl3_read_bytes:ssl handshake failure
1551172960: Socket error on client <unknown>, disconnecting.
In the window that I am subscribing, I am getting error as below:
mosquitto_sub -p 8883 -q 1 -t sensor/temp --cafile /etc/mosquitto/m2mqtt_srv.crt --tls-version tlsv1 -d
Unable to connect (A TLS error occurred.).
回答1:
If you pass a hostname to the bind_address
argument it must resolve to a valid IP address, this is not necessarily the same as the output from hostname
.
This has nothing to do with the TLS/certificate setup it is purely how mosquitto identifies which address to bind to.
You have a few choices on how to fix this:
- remove the
bind_address
line, this will cause mosquitto to listen on all available addresses - ensure that what ever you use in the
bind_address
field resolves to an IP address bound to an interface on the machine the broker is running. This might mean using the fully qualified domain name (you probably should have used that in the broker's certificate CN as well) - replace the hostname with the ip address for the interface you want mosquitto to listen on.
来源:https://stackoverflow.com/questions/54863408/facing-error-while-using-tls-with-mosquitto