证书的生成和配置请参考mosquitto使用与openssl证书配置_mosquitto 证书-CSDN博客
-
- 下载和编译
# 下载paho.mqtt.c代码
git clone git@github.com:eclipse/paho.mqtt.c.git
# 编译安装
make
make install
-
- 测试paho.mqtt.c
2.1订阅
修改src/samples/MQTTClient_subscribe.c
#define ADDRESS "ip"
#define TOPIC "test2"
运行订阅
cd build/output/samples
./MQTTClient_subscribe
使用mosquitto发布消息
mosquitto_pub -h "ip" -t "test2" -m "my name is xxx"
![](https://img-blog.csdnimg.cn/img_convert/a4cea6f611697382194d549bded494f2.png)
2.2发布
修改src/samples/MQTTClient_publish.c
#define ADDRESS "ip"
#define TOPIC "test1"
使用mosquitto订阅消息
mosquitto_sub -h "ip" -t "test1"
运行发布
cd build/output/samples
./MQTTClient_publish
-
- 使用openssl
3.1 启用ssl加密不做认证
# git diff src/samples/MQTTClient_publish.c
diff --git a/src/samples/MQTTClient_publish.c b/src/samples/MQTTClient_publish.c
index 399fd33..daa3522 100644
--- a/src/samples/MQTTClient_publish.c
+++ b/src/samples/MQTTClient_publish.c
@@ -19,9 +19,9 @@
#include <string.h>
#include "MQTTClient.h"
-#define ADDRESS "tcp://mqtt.eclipseprojects.io:1883"
+#define ADDRESS "ssl://192.168.186.131:1883"
#define CLIENTID "ExampleClientPub"
-#define TOPIC "MQTT Examples"
+#define TOPIC "test1"
#define PAYLOAD "Hello World!"
#define QOS 1
#define TIMEOUT 10000L
@@ -41,6 +41,11 @@ int main(int argc, char* argv[])
exit(EXIT_FAILURE);
}
+ MQTTClient_SSLOptions ssl_opts=MQTTClient_SSLOptions_initializer;
+ ssl_opts.enableServerCertAuth=0;
+ ssl_opts.sslVersion=MQTT_SSL_VERSION_DEFAULT;
+ conn_opts.ssl=&ssl_opts;
+
conn_opts.keepAliveInterval = 20;
conn_opts.cleansession = 1;
if ((rc = MQTTClient_connect(client, &conn_opts)) != MQTTCLIENT_SUCCESS)
# 订阅
mosquitto_sub -h 192.168.186.131 -t test --cafile ./ca.crt
# 发布
./build/output/samples/MQTTClient_publish
3.2单向认证
注意在mosquitto配置文件中配置证书路径
# git diff src/samples/MQTTClient_publish.c
diff --git a/src/samples/MQTTClient_publish.c b/src/samples/MQTTClient_publish.c
index 399fd33..1155f24 100644
--- a/src/samples/MQTTClient_publish.c
+++ b/src/samples/MQTTClient_publish.c
@@ -19,9 +19,9 @@
#include <string.h>
#include "MQTTClient.h"
-#define ADDRESS "tcp://mqtt.eclipseprojects.io:1883"
+#define ADDRESS "ssl://192.168.186.131:1883"
#define CLIENTID "ExampleClientPub"
-#define TOPIC "MQTT Examples"
+#define TOPIC "test"
#define PAYLOAD "Hello World!"
#define QOS 1
#define TIMEOUT 10000L
@@ -41,6 +41,11 @@ int main(int argc, char* argv[])
exit(EXIT_FAILURE);
}
+ MQTTClient_SSLOptions ssl_opts=MQTTClient_SSLOptions_initializer;
+ ssl_opts.trustStore = "/home/sy/key/ca.crt";
+ ssl_opts.sslVersion=MQTT_SSL_VERSION_DEFAULT;
+ conn_opts.ssl=&ssl_opts;
+
conn_opts.keepAliveInterval = 20;
conn_opts.cleansession = 1;
if ((rc = MQTTClient_connect(client, &conn_opts)) != MQTTCLIENT_SUCCESS)
# 订阅
mosquitto_sub -h 192.168.186.131 -t test --cafile ./ca.crt
# 发布
./build/output/samples/MQTTClient_publish
3.3双向认证
注意在mosquitto配置文件中开启require_certificate true。
# git diff src/samples/MQTTClient_publish.c
diff --git a/src/samples/MQTTClient_publish.c b/src/samples/MQTTClient_publish.c
index 399fd33..7a0fe3f 100644
--- a/src/samples/MQTTClient_publish.c
+++ b/src/samples/MQTTClient_publish.c
@@ -19,9 +19,9 @@
#include <string.h>
#include "MQTTClient.h"
-#define ADDRESS "tcp://mqtt.eclipseprojects.io:1883"
+#define ADDRESS "ssl://192.168.186.131:1883"
#define CLIENTID "ExampleClientPub"
-#define TOPIC "MQTT Examples"
+#define TOPIC "test"
#define PAYLOAD "Hello World!"
#define QOS 1
#define TIMEOUT 10000L
@@ -41,6 +41,13 @@ int main(int argc, char* argv[])
exit(EXIT_FAILURE);
}
+ MQTTClient_SSLOptions ssl_opts=MQTTClient_SSLOptions_initializer;
+ ssl_opts.trustStore = "/home/sy/key/ca.crt";
+ ssl_opts.privateKey = "/home/sy/key/client.key";
+ ssl_opts.keyStore = "/home/sy/key/client.crt";
+ ssl_opts.sslVersion=MQTT_SSL_VERSION_DEFAULT;
+ conn_opts.ssl=&ssl_opts;
+
conn_opts.keepAliveInterval = 20;
conn_opts.cleansession = 1;
if ((rc = MQTTClient_connect(client, &conn_opts)) != MQTTCLIENT_SUCCESS)
# 订阅
sudo mosquitto_sub -h 192.168.186.131 -t test --cafile ./ca.crt --cert ./client.crt --key ./client.key
# 发布
./build/output/samples/MQTTClient_publish