node.js mqtt client using TLS

青春壹個敷衍的年華 提交于 2019-11-28 08:40:36

问题


I am trying to implement a node.js mqtt client with TLS using the package below;

https://www.npmjs.com/package/mqtt#client

The code for running mqtt client without TLS is as follows;

var mqtt = require('mqtt')
var client  = mqtt.connect('mqtt://test.mosquitto.org')

client.on('connect', function () {
  client.subscribe('presence')
  client.publish('presence', 'Hello mqtt')
})

client.on('message', function (topic, message) {
  // message is Buffer 
  console.log(message.toString())
  client.end()
})

How should the above code be modified to use TLS on the mqtt client?

The mosca MQTT broker was run as a stand-alone using the command below;

mosca --key ./tls-key.pem --cert ./tls-cert.pem --http-port 3000 --http-bundle --http-static ./ | pino

回答1:


Should be enough to change the protocol part of the URL to mqtts://

mqtts://test.mosquitto.org.

Self-signed certificates

You can pass the following option to the connect function when using self-signed certificates (for testing purposes only):

mqtt.connect('mqtts://test.mosquitto.org', {
    rejectUnauthorized: false
});



回答2:


You need to provide the mqtt.connect() function with an options object which includes the CA certificate to use to verify the connection.

The options object needs to include a ca key that points to the certificate used to sign the brokers certificate. As it looks like your using a self signed certificate this will be the same one used by the broker.

The ca key is described here

Or you can allow any certificate with the rejectUnauthorized key as mentioned in @notion's answer. But that makes it impossible to detect if somebody is impersonating your broker



来源:https://stackoverflow.com/questions/40018804/node-js-mqtt-client-using-tls

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!