nrf oob实例_如何将nRF9160羽毛连接到自托管的Mosquitto实例

nrf oob实例

One thing that’s always tripped me up as an IoT developer is figuring out the best way to transmit data. There are many different kinds of radios and mediums. On top of that, there are different protocols to boot.

作为物联网开发人员，总是让我着迷的一件事是寻找最佳的数据传输方式。 有许多不同种类的收音机和媒体。 最重要的是，有不同的协议可以启动。

As of this writing, there is one protocol that has reigned supreme in the IoT world:

在撰写本文时，有一种协议在物联网世界中占据统治地位：

MQTT.

MQTT。

Unlike an HTTP server, a device can connect, publish, and subscribe to topics. These topics then get sent to a broker and distributed to other subscribed devices. It also happens that MQTT on Nordic’s nRF9160 is well supported.

与HTTP服务器不同，设备可以连接，发布和订阅主题。 然后，这些主题将发送到代理并分发到其他订阅的设备。 碰巧，Nordic nRF9160上的MQTT也得到了很好的支持。

In this post, I’ll show you how to connect the nRF9160 Feather to a self-hosted Mosquitto instance. You’ll learn how to generate your own certificates, and get a hang of how to test your connections.

在这篇文章中，我将向您展示如何将nRF9160 Feather连接到自托管的Mosquitto实例。 您将学习如何生成自己的证书，并了解如何测试连接。

Ready to play? Let’s get to it.

准备玩？ 让我们开始吧。

在哪里托管？ (Where to host?)

If you want to host Mosquitto, you’ll need a server. Since Mosquitto is written in C it’s lightweight and can go almost anywhere. Plus it sips resources so you can install it on a budget VPS without much worry. That’s where a VPS provider like Digital Ocean or Vultr comes in.

如果您想托管Mosquitto，则需要一台服务器。 由于Mosquitto用C编写，因此它是轻量级的，几乎可以在任何地方使用。 加上它会消耗资源，因此您可以在预算VPS上安装它，而不必担心。 这就是VPS提供商(例如Digital Ocean或Vultr)进来的地方。

To set up a new server here are some steps:

要设置新服务器，请执行以下步骤：

• Login to Digital Ocean. If you don’t have Digital Ocean and would like to support click here to create an account.

  登录到数字海洋。 如果您没有Digital Ocean并想支持，请单击此处创建一个帐户。

• Create a new Droplet
  创建一个新的Droplet

• Choose the FreeBSD 12.1 with UFS.
  选择带有UFS的FreeBSD 12.1。

• Choose the $5 instance. That’s usually more than enough.
  选择$ 5实例。 通常这绰绰有余。

• Make sure you import your public key. Otherwise, you won’t be able to immediately use password-less login.
  确保导入公共密钥。 否则，您将无法立即使用无密码登录。

• Hit that green Create Droplet button, and let’s get this show on the road.

  点击绿色的“ 创建小滴”按钮，让我们在旅途中展示这个节目。

重要的额外步骤 (Important Extra step)

For the certs to work with Mosquitto, you’ll have to set a domain to point to your VPS IP address. A CNAME or A record works. If you’re unsure how to do that, here’s a good guide. Note which (sub)domain you’ve used. We’ll need it in a bit…

为了使证书与Mosquitto一起使用，您必须将域设置为指向您的VPS IP地址。 CNAME或A记录有效。 如果您不确定该怎么做， 这里有一个很好的指南。 请注意您使用了哪个(子)域。 我们将需要它…

安装Mosquitto (Install Mosquitto)

I run my servers inside of a FreeBSD jail using Bastille. In this tutorial, we’ll be skipping the jail part and focusing on getting the nRF9160 Feather working.

我使用Bastille在FreeBSD监狱内运行服务器。 在本教程中，我们将跳过监狱部分，重点介绍使nRF9160 Feather正常工作。

• You should be set with a Digital Ocean instance (or similar) using FreeBSD. If you haven't done that yet, head back up to the Where to host? section.

  您应该使用FreeBSD设置一个Digital Ocean实例(或类似实例)。 如果您还没有这样做，请回到哪里托管？ 部分。

• Next, to install mosquitto on your droplet, run pkg install mosquitto. If you’re running something other than FreeBSD, this command may differ. apt-get install mosquitto works on Debian-based systems. If you want the most up to date repositories, make sure you run sudo apt-add-repository ppa:mosquitto-dev/mosquitto-ppa beforehand. Here’s what the full output on FreeBSD looks like:

  接下来，要在您的mosquitto上安装mosquitto ，请运行pkg install mosquitto 。 如果您运行的不是FreeBSD，则此命令可能有所不同。 apt-get install mosquitto在基于Debian的系统上工作。 如果您想要最新的存储库，请确保事先运行sudo apt-add-repository ppa:mosquitto-dev/mosquitto-ppa 。 这是FreeBSD上完整输出的样子：

$ pkg install mosquitto
The package management tool is not yet installed on your system.
Do you want to fetch and install it now? [y/N]: y
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:12:amd64/quarterly, please wait...
Verifying signature with trusted certificate pkg.freebsd.org.2013102301... done
[mosquitto] Installing pkg-1.14.6...
[mosquitto] Extracting pkg-1.14.6: 100%
Updating FreeBSD repository catalogue...
[mosquitto] Fetching meta.conf: 100%    163 B   0.2kB/s    00:01
[mosquitto] Fetching packagesite.txz: 100%    6 MiB   6.6MB/s    00:01
Processing entries: 100%
FreeBSD repository update completed. 31943 packages processed.
All repositories are up to date.
Updating database digests format: 100%
The following 4 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
        c-ares: 1.16.1
        ca_root_nss: 3.55
        e2fsprogs-libuuid: 1.45.6
        mosquitto: 1.6.7

Number of packages to be installed: 4

The process will require 2 MiB more space.
682 KiB to be downloaded.

Proceed with this action? [y/N]: y
[mosquitto] [1/4] Fetching mosquitto-1.6.7.txz: 100%  226 KiB 231.1kB/s    00:01
[mosquitto] [2/4] Fetching ca_root_nss-3.55.txz: 100%  285 KiB 291.5kB/s    00:01
[mosquitto] [3/4] Fetching e2fsprogs-libuuid-1.45.6.txz: 100%   34 KiB  34.7kB/s    00:01
[mosquitto] [4/4] Fetching c-ares-1.16.1.txz: 100%  138 KiB 140.9kB/s    00:01
Checking integrity... done (0 conflicting)
[mosquitto] [1/4] Installing ca_root_nss-3.55...
[mosquitto] [1/4] Extracting ca_root_nss-3.55: 100%
[mosquitto] [2/4] Installing e2fsprogs-libuuid-1.45.6...
[mosquitto] [2/4] Extracting e2fsprogs-libuuid-1.45.6: 100%
[mosquitto] [3/4] Installing c-ares-1.16.1...
[mosquitto] [3/4] Extracting c-ares-1.16.1: 100%
[mosquitto] [4/4] Installing mosquitto-1.6.7...
===> Creating users
Using existing user 'nobody'.
[mosquitto] [4/4] Extracting mosquitto-1.6.7: 100%
=====
Message from ca_root_nss-3.55:

--
FreeBSD does not, and can not warrant that the certification authorities
whose certificates are included in this package have in any way been
audited for trustworthiness or RFC 3647 compliance.

Assessment and verification of trust is the complete responsibility of the
system administrator.

This package installs symlinks to support root certificates discovery by
default for software that uses OpenSSL.

This enables SSL Certificate Verification by client software without manual
intervention.

If you prefer to do this manually, replace the following symlinks with
either an empty file or your site-local certificate bundle.

  * /etc/ssl/cert.pem
  * /usr/local/etc/ssl/cert.pem
  * /usr/local/openssl/cert.pem
=====
Message from mosquitto-1.6.7:

--
The mosquitto MQTT Python driver is now provided by net/py-paho-mqtt

All installed package configuration lives at /usr/local/etc/mosquitto/. We’ll need to edit mosquitto.conf in that folder to use certificates. Here’s what it looks like:

所有已安装的软件包配置都位于/usr/local/etc/mosquitto/ 。 我们需要在该文件夹中编辑mosquitto.conf才能使用证书。 看起来是这样的：

# Daemon configuration
pid_file /var/run/mosquitto.pid
user nobody

# Port to use for the default listener.
port 8885

# At least one of cafile or capath must be defined.
cafile /root/pki/ca.crt

# Path to the PEM encoded server certificate.
certfile /root/pki/issued/mosquitto.crt

# Path to the PEM encoded keyfile.
keyfile /root/pki/private/mosquitto.key

# Path to CRL file
#crlfile /root/pki/crl.pem

# Each client has their own cert
require_certificate true
use_identity_as_username true

# listener port-number [ip address/host name]
listener 1883
protocol mqtt

# listener port-number [ip address/host name]
# listener 8080
# protocol websockets

# =================================================================
# Logging
# =================================================================
log_dest syslog

# Types of messages to log.
log_type all
#log_type warning
# websockets_log_level 127

# -----------------------------------------------------------------
# Default authentication and topic access control
# -----------------------------------------------------------------
# password_file /usr/local/etc/mosquitto/pwfile

Before we can start the server we’ll need to provision some RSA certificates. We’ll get to that in the next step.

在启动服务器之前，我们需要提供一些RSA证书。 我们将在下一步中进行介绍。

提供证书 (Provision Certs)

You can use easy-rsa to generate a CA server and client certs. (These instructions come from this guide.) For production, you should generate your keys and certs on an offline machine. That way your private keys are safe if your server becomes a target.

您可以使用easy-rsa生成CA服务器和客户端证书。 (这些说明来自本指南 。)对于生产，您应该在脱机计算机上生成密钥和证书。 这样，如果服务器成为目标，则私钥是安全的。

First, install easy-rsa:

首先，安装easy-rsa ：

$ pkg install easy-rsa
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
        easy-rsa: 3.0.7

Number of packages to be installed: 1

44 KiB to be downloaded.

Proceed with this action? [y/N]: y
[mosquitto] [1/1] Fetching easy-rsa-3.0.7.txz: 100%   44 KiB  44.8kB/s    00:01
Checking integrity... done (0 conflicting)
[mosquitto] [1/1] Installing easy-rsa-3.0.7...
[mosquitto] [1/1] Extracting easy-rsa-3.0.7: 100%

Then let's begin the cert creation process:

然后，让我们开始证书创建过程：

$ easyrsa init-pki

Note: using Easy-RSA configuration from: /usr/local/share/easy-rsa/vars

init-pki complete; you may now create a CA or requests.
Your newly created PKI dir is: /root/pki
$
$ easyrsa build-ca

Note: using Easy-RSA configuration from: /usr/local/share/easy-rsa/vars
Using SSL: openssl OpenSSL 1.1.1d-freebsd  10 Sep 2019

Enter New CA Key Passphrase:
Re-Enter New CA Key Passphrase:
Generating RSA private key, 2048 bit long modulus (2 primes)
......................+++++
..................................................................................+++++
e is 65537 (0x010001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Common Name (eg: your user, host, or server name) [Easy-RSA CA]:testserver.jaredwolff.com

CA creation complete and you may now import and sign cert requests.
Your new CA certificate file for publishing is at:
/root/pki/ca.crt

Note: You will be prompted for a password at the build-ca step. Make sure you keep this password handy.

注意：在build-ca步骤中将提示您输入密码。 确保方便使用此密码。

Then to generate a server cert use:

然后生成服务器证书使用：

$ easyrsa gen-req mosquitto nopass

Note: using Easy-RSA configuration from: /usr/local/share/easy-rsa/vars
Using SSL: openssl OpenSSL 1.1.1d-freebsd  10 Sep 2019
Generating a RSA private key
...............+++++
........................................+++++
writing new private key to '/root/pki/easy-rsa-82720.X2NVQ0/tmp.akOxhO'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Common Name (eg: your user, host, or server name) [mosquitto]:testserver.jaredwolff.com

Keypair and certificate request completed. Your files are:
req: /root/pki/reqs/mosquitto.req
key: /root/pki/private/mosquitto.key
$
$ easyrsa sign-req server mosquitto

Note: using Easy-RSA configuration from: /usr/local/share/easy-rsa/vars
Using SSL: openssl OpenSSL 1.1.1d-freebsd  10 Sep 2019

You are about to sign the following certificate.
Please check over the details shown below for accuracy. Note that this request
has not been cryptographically verified. Please be sure it came from a trusted
source or that you have verified the request checksum with the sender.

Request subject, to be signed as a server certificate for 825 days:

subject=
    commonName                = testserver.jaredwolff.com

Type the word 'yes' to continue, or any other input to abort.
  Confirm request details: yes
Using configuration from /root/pki/easy-rsa-82744.hyuGzt/tmp.lZHLEH
Enter pass phrase for /root/pki/private/ca.key:
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName            :ASN.1 12:'testserver.jaredwolff.com'
Certificate is to be certified until Nov  3 01:12:53 2022 GMT (825 days)

Write out database with 1 new entries
Data Base Updated

Certificate created at: /root/pki/issued/mosquitto.crt

You’ll be prompted for both the Common Name (i.e. your server name) and the CA cert password in the above step. Important: the Common Name needs to match the domain name of your server! (Remember, we wrote that down earlier?)

在上述步骤中，系统将提示您输入通用名称(即服务器名称)和CA证书密码。 重要提示 ： 通用名称必须与服务器的域名匹配！ (还记得，我们早些写下来吗？)

To generate the nRF9160 cert, use:

要生成nRF9160证书，请使用：

$ easyrsa gen-req nrf9160 nopass batch
$ easyrsa sign-req client nrf9160 batch

Follow the same procedure as earlier. The only difference is that we’re generating a client cert instead of a server cert.

请按照与之前相同的步骤进行操作。 唯一的区别是我们生成的是客户端证书而不是服务器证书。

Once complete, we’ll need some files. Here’s a full list:

完成后，我们将需要一些文件。 这是完整列表：

For your Mosquitto Server

对于您的Mosquitto服务器

• /root/pki/ca.crt

  /root/pki/ca.crt

• /root/pki/private/mosquitto.key

  /root/pki/private/mosquitto.key

• /root/pki/issued/mosquitto.crt

  /root/pki/issued/mosquitto.crt

For your nRF9160 Feather

为您的nRF9160羽毛

• /root/pki/ca.crt

  /root/pki/ca.crt

• /root/pki/private/nrf9160.key

  /root/pki/private/nrf9160.key

• /root/pki/issued/nrf9160.crt

  /root/pki/issued/nrf9160.crt

If you’re using the configuration from above, it’s already pointing to your server certificates. All we have to do now is start mosquitto!

如果您使用上面的配置，则它已经指向您的服务器证书。 我们现在要做的就是开始mosquitto ！

$ service mosquitto start
Cannot 'start' mosquitto. Set mosquitto_enable to YES in /etc/rc.conf or use 'onestart' instead of 'start'.

If you get an error about mosquitto_enable simply run:

如果您收到有关mosquitto_enable的错误，只需运行：

$ sysrc mosquitto_enable=YES
$ service mosquitto start
Starting mosquitto.

This enables mosquitto to start when your system starts.

这使mosquitto在系统启动时启动。

Now, check if mosquitto is running by using ps aux:

现在，使用ps aux检查mosquitto是否正在运行：

$ ps aux
USER     PID %CPU %MEM   VSZ  RSS TT  STAT STARTED    TIME COMMAND
root   82401  0.0  0.2 11472 2424  -  SsJ  01:02   0:00.00 /usr/sbin/syslogd -ss
root   82457  0.0  0.2 11408 2284  -  IsJ  01:02   0:00.00 /usr/sbin/cron -J 60 -s
nobody 82900  0.0  0.6 16352 6212  -  SsJ  01:17   0:00.02 /usr/local/sbin/mosquitto -c /usr/local/etc/mosquitto/mosquitto.conf -d
root   82488  0.0  0.3 12096 2848  0  IJ   01:02   0:00.01 login [pam] (login)
root   82489  0.0  0.3 13092 3504  0  SJ   01:02   0:00.03 -csh (csh)
root   82902  0.0  0.3 11704 2540  0  R+J  01:17   0:00.00 ps aux

Now that we have a server loaded and running, let’s get the firmware working.

现在我们已经加载并运行了服务器，让我们开始运行固件。

固件位 (Firmware bits)

Dealing with certificates on the nRF9160 Feather is a two-step process. The first step is to load the certificates using the at_client firmware. The second is to load the mqtt_simple library with added TLS support. Let’s tackle the certs first.

在nRF9160 Feather上处理证书的过程分为两个步骤。 第一步是使用at_client固件加载证书。 第二个是使用附加的TLS支持加载mqtt_simple库。 让我们首先解决证书。

首先编程at_client (Program at_client first)

Change directories to ncs/nrf/samples/nrf9160/at_client/ and start a fresh build:

将目录更改为ncs/nrf/samples/nrf9160/at_client/并开始新的构建：

$ west build -b circuitdojo_feather_nrf9160ns -p

Then flash to your board using:

然后使用以下命令闪烁到您的板上：

$ west flash --erase
$ nrfjprog -r

We’ll need this sample on your board for the next step.

下一步，我们将需要此样本在您的板上。

将证书添加到设备 (Add certs to device)

To install our new certs, we’ll need nRF Connect Desktop installed. You can download it by going here.

要安装我们的新证书，我们需要安装nRF Connect Desktop。 您可以通过此处下载它。

You’ll also need a custom version of LTE Link Monitor. You can get the modified version on docs.jaredwolff.com.

您还需要LTE Link Monitor的自定义版本。 您可以在docs.jaredwolff.com上获取修改后的版本。

First, Install nRF Connect Desktop app. Then, copy the LTE Link Monitor .tgz file to %USERPROFILE%\.nrfconnect-apps\local (on Windows) or $HOME/.nrfconnect-apps/local (on Linux/macOS). Here’s an example of where it is on Windows:

首先，安装nRF Connect Desktop应用程序。 然后，将LTE Link Monitor .tgz文件复制到%USERPROFILE%\.nrfconnect-apps\local (在Windows上)或$HOME/.nrfconnect-apps/local (在Linux / macOS上)。 这是Windows上的示例：

Close and re-open nRF Connect Desktop (if it’s open).

关闭并重新打开nRF Connect Desktop(如果已打开)。

Then, click Open next to the v1.1.1 version of LTE Link Monitor. It will also have local written underneath it.

然后，单击LTE Link Monitor v1.1.1版本旁边的打开 。 它的下面还会有当地文字。

Next, let’s launch it!

接下来，让我们启动它！

Once you’ve opened the port, hit the reset button. Make sure you turn off Automatic requests.

打开端口后，点击“重置”按钮。 确保关闭自动请求。

Then in the command box send AT+CFUN=4. This will shut down your modem so it’s ready to upload certs. You can run AT+CFUN? to confirm your modem in that mode.

然后在命令框中发送AT + CFUN = 4 。 这将关闭您的调制解调器，以便准备上传证书。 您可以运行AT + CFUN吗？ 以该模式确认您的调制解调器。

Open up the Certificate manager.

打开证书管理器。

Make sure you set the security tag. In this case, I’m using 1234. This is an important identifier that you’ll need later. Make it whatever you want but I would avoid using 16842753. This is the default tag for NRF Cloud. You don’t want to blast away your nRF Cloud certs!

确保设置了安全标签。 在这种情况下，我使用的是1234。这是以后需要使用的重要标识符。 使其随心所欲，但我会避免使用16842753。这是NRF Cloud的默认标记。 您不想炸毁您的nRF Cloud证书！

Copy and paste the contents of your ca.crt, nrf9160.crt and nrf9160.key into the boxes (in that order). You can easily get the certs by using cat on Unix/Linux:

将ca.crt ， nrf9160.crt和nrf9160.key的内容复制并粘贴到框中( nrf9160.key顺序)。 您可以在Unix / Linux上使用cat轻松获得证书：

$ cat cat.crt
-----BEGIN CERTIFICATE-----
MIIDdTCCAl2gAwIBAgIUDLkBxLLQO9wosNDtA7E9qvqHOxMwDQYJKoZIhvcNAQEL
BQAwJDEiMCAGA1UEAwwZdGVzdHNlcnZlci5qYXJlZHdvbGZmLmNvbTAeFw0yMDA3
MzEwMTExNDJaFw0zMDA3MjkwMTExNDJaMCQxIjAgBgNVBAMMGXRlc3RzZXJ2ZXIu
amFyZWR3b2xmZi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3
de1v8k+FXzY/Im7Z2YKS7wwbBRft5CUxqP1sdYJgMvheS9LhFufk81URZ0lHD9pK
aNPxU1UEmnLvVDTGLJ+YAmMH08xn17FS1R1UVPYzi2ouwqRM2pR9EStsSlP9Zj44
1MsdizABnnlkZndUVLL/gjc4cNsNncMLBSEbsz6b5WzhtAGg3rOpdAxSSblZVSFw
bquCgg5hb2NUzy+JxGtUIsE5d6CxTDdSs4Z3FK/RRYjmCG6qsaya4N5W35yf8h5O
StfKRecl3kq2kCnWa6P+lErG4wuxIBtMkgz2zV+zd1tz4aHXxSdoZTqLz7dTVbFA
zEVnKD+ZReBG+4fwUL6rAgMBAAGjgZ4wgZswHQYDVR0OBBYEFIvdGnjrxRPzvXQi
7XJ70LzpZSOjMF8GA1UdIwRYMFaAFIvdGnjrxRPzvXQi7XJ70LzpZSOjoSikJjAk
MSIwIAYDVQQDDBl0ZXN0c2VydmVyLmphcmVkd29sZmYuY29tghQMuQHEstA73Ciw
0O0DsT2q+oc7EzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkqhkiG9w0B
AQsFAAOCAQEAIzz1nSSDkPueNPlADRYMDOMFNkxoKA+gRXwDVa7y39As7IZp7Fqr
KAH79U1XtGyDlt6FPKTvDJ7jtd4y8auIGVQO7z3AG9pVU1imIWZHoIqgBUCEhsjp
uMxD23kRCX5kd9dsmF9WOGGxb4kkMv83Rh2rCONQmvnozuI3fJv2ZFX/ORoADGLP
OPSJPl11x+2rxPxiLi+T8RyzDh3DwqnPVsSnbRWV7hosaN0ip/cbnSTaIul9mbCY
ID6qm9leqlY/gha9aZfg+tv1Lm6PT6o8Pzek2VeDoIS5YERBMOwV84hQrZjV3vIE
jT6y663HGsl7KvqVaWdV3fM6Cr7f0QdR5A==
-----END CERTIFICATE-----

You’ll need everything from -----BEGIN CERTIFICATE----- to -----END CERTIFICATE-----

您将需要从-----BEGIN CERTIFICATE-----到-----END CERTIFICATE-----

Check the Log area for more details. If all went well, it should say that your certificates updated.

检查日志区域以获取更多详细信息。 如果一切顺利，则应该说您的证书已更新。

使用mqtt_simple示例 (Using the mqtt_simple example)

We’ll be using the mqtt_simple sample within the nRF Connect SDK repository. The full path is: ncs/nrf/samples/nrf9160/mqtt_simple. We’ll need to make a few edits to add full TLS compatibility. All the files are within the mqtt_simple directory.

我们将在nRF Connect SDK存储库中使用mqtt_simple示例。 完整路径为： ncs/nrf/samples/nrf9160/mqtt_simple 。 我们需要进行一些编辑以添加完全的TLS兼容性。 所有文件都在mqtt_simple目录中。

First, we’ll have to update the proj.conf file. See the highlighted differences:

首先，我们必须更新proj.conf文件。 查看突出显示的差异：

The # Set the PDP Context section is especially important if you’re using a Hologram SIM card (included with the nRF9160 Feather). If you are using a SIM that doesn’t need it, you do not need this section.

如果您使用的是全息图SIM卡(nRF9160 Feather随附)，则# Set the PDP Context部分特别重要。 如果您使用的SIM卡不需要它，则不需要此部分。

Adopt your CONFIG_MQTT_BROKER_HOSTNAME to your hostname (configured at the beginning of this guide).

将您的CONFIG_MQTT_BROKER_HOSTNAME主机名(在本指南的开头进行配置)。

You’ll also have to add these lines in KConfig:

您还必须在KConfig添加以下行：

config SEC_TAG
	int "Security tag to use for the connection"
	default 1234

config PEER_VERIFY
	int "Peer verify parameter for mqtt_client"
	default 1
	help
			Set to 0 for VERIFY_NONE, 1 for VERIFY_OPTIONAL, and 2 for VERIFY_REQUIRED.

Finally in main add this block to the top of your file:

最后，在main中将此块添加到文件顶部：

#if defined(CONFIG_MQTT_LIB_TLS)
static sec_tag_t sec_tag_list[] = { CONFIG_SEC_TAG };
#endif /* defined(CONFIG_MQTT_LIB_TLS) */

Then add this block to client_init under #if defined(CONFIG_MQTT_LIB_TLS)

然后将此块添加到#if defined(CONFIG_MQTT_LIB_TLS)下的client_init

struct mqtt_sec_config *tls_config = &client->transport.tls.config;

	client->transport.type = MQTT_TRANSPORT_SECURE;

	tls_config->peer_verify = CONFIG_PEER_VERIFY;
	tls_config->cipher_count = 0;
	tls_config->cipher_list = NULL;
	tls_config->sec_tag_count = ARRAY_SIZE(sec_tag_list);
	tls_config->sec_tag_list = sec_tag_list;
	tls_config->hostname = CONFIG_MQTT_BROKER_HOSTNAME;

The changes should look like this:

更改应如下所示：

Then build with:

然后用：

$ west build -b circuitdojo_feather_nrf9160ns -p

Finally, flash it using west flash:

最后，使用west flash对其进行west flash ：

$ west flash --erase
$ nrfjprog -r

Open your serial terminal and double check that your nRF9160 Feather is connecting. You can also use LTE Link Monitor to view your progress as well (Example below).

打开串行终端，然后仔细检查nRF9160 Feather是否已连接。 您也可以使用LTE Link Monitor查看进度(以下示例)。

Lots of the information above came from Nordic's post on the subject.

上面的许多信息来自Nordic关于该主题的帖子。

传送讯息 (Sending a message)

We’re almost there! You’ve configured your nRF9160 Feather to connect to Mosquitto using self-generated certificates. The last part is connecting another device to see if the nRF9160 Feather replies to a message.

我们快到了！ 您已将nRF9160 Feather配置为使用自行生成的证书连接到Mosquitto。 最后一部分是连接另一台设备，以查看nRF9160 Feather是否回复了消息。

I’ve created a new set of certs for this purpose. I called them test.

为此，我创建了一组新的证书。 我叫他们test 。

$ easyrsa gen-req test nopass batch
$ easyrsa sign-req client test batch

I copied them to my desktop using CyberDuck (a great little visual SFTP client):

我使用Cyber​​Duck(一个很棒的可视SFTP客户端)将它们复制到了我的桌面上：

You can also use something like scp if you're confident in your command line file transfer abilities. Then, open a terminal and run:

如果您对命令行文件传输功能有信心，也可以使用诸如scp 。 然后，打开一个终端并运行：

mosquitto_sub --cafile ca.crt --cert test.crt --key test.key -q 1 -d -h testserver.jaredwolff.com -p 8885 -t "/my/publish/topic" &
mosquitto_pub --cafile ca.crt --cert test.crt --key test.key -q 1 -d -h testserver.jaredwolff.com -p 8885 -t "/my/subscribe/topic" -m "hello there"

You should see an output like this:

您应该看到如下输出：

$ mosquitto_sub --cafile ca.crt --cert test.crt --key test.key -q 1 -d -h testserver.jaredwolff.com -p 8885 -t "/my/publish/topic" &
$ mosquitto_pub --cafile ca.crt --cert test.crt --key test.key -q 1 -d -h testserver.jaredwolff.com -p 8885 -t "/my/subscribe/topic" -m "hello there"
Client mosq-CczskQKzMKdtTo4O4s sending CONNECT
Client mosq-CczskQKzMKdtTo4O4s received CONNACK (0)
Client mosq-CczskQKzMKdtTo4O4s sending PUBLISH (d0, q1, r0, m1, '/my/subscribe/topic', ... (11 bytes))
Client mosq-CczskQKzMKdtTo4O4s received PUBACK (Mid: 1, RC:0)
Client mosq-CczskQKzMKdtTo4O4s sending DISCONNECT
MacBook-Pro:Downloads jaredwolff$ Client mosq-qK8tMlJk0Qri4Z7jUo sending PINGREQ
Client mosq-qK8tMlJk0Qri4Z7jUo received PINGRESP
MacBook-Pro:Downloads jaredwolff$ Client mosq-qK8tMlJk0Qri4Z7jUo received PUBLISH (d0, q0, r0, m0, '/my/publish/topic', ... (11 bytes))
hello there

Booyah! You have an active working connection to your very own Mosquitto server.

oy！ 您与自己的Mosquitto服务器有活动的工作连接。

结论 (Conclusion)

We’ve made it to the end! By this point in the post, you should have a Mosquitto server running and an nRF9160 connected. Now you can use your new-found skills to add more devices to your deployments and more.

我们已经做到了！ 到此为止，您应该已经在运行Mosquitto服务器并连接了nRF9160。 现在，您可以使用新发现的技能将更多设备添加到您的部署中，甚至更多。

If you haven’t had a chance to play with the nRF9160 you should check out the nRF9160 Feather. It has Nordic Semiconductor’s nRF9160 LTE-M, NB IoT + GPS Combo, plus flexible power supply, external flash, and low power shutdown.

如果您没有机会使用nRF9160，请检查nRF9160 Feather。 它具有Nordic Semiconductor的nRF9160 LTE-M，NB IoT + GPS组合，以及灵活的电源，外部闪光灯和低功耗关机功能。

Oh, and did I mention it’s 100% open source? Learn more by checking out the campaign on GroupGets and Hackster Launch. 🎉

哦，我是否提到过它是100％开源的？ 通过在GroupGets和Hackster Launch上查看活动来了解更多信息。 🎉

Photo credit to the awesome folks at GroupGets!

照片由GroupGets的优秀人员提供 ！

You can read this article and lots of other good stuff at jaredwolff.com.

您可以在jaredwolff.com上阅读本文以及许多其他好东西。

翻译自: https://www.freecodecamp.org/news/how-to-connect-the-nrf9160-feather-to-mosquitto/

nrf oob实例