Как настроить 2 way ssl в MQTT.
Клиентский jar mqttv31.1.0.jar mosquitto версия 1.4.8
При использовании аутентификации клиента при получении ошибки - ssl3_get_client_certificate: peer didне вернуть сертификат.
Ниже приведен мой файл mosquitto.conf и сведения о клиенте java:
mosquitto.conf
cafile /etc/mosquitto/ca_certificates/ca.pem
keyfile /etc/mosquitto/certs/server.key
certfile /etc/mosquitto/certs/server.pem
require_certificate true
use_identity_as_username true
port 8883
клиент java
client = new MqttClient("ssl://localhost:8883", "Session_3");
connOpt = new MqttConnectOptions();
connOpt.setCleanSession(true);
Properties sslProperties = new Properties();
sslProperties.put(SSLSocketFactoryFactory.TRUSTSTORE,
"/home/KeyStore.jks");
sslProperties.put(SSLSocketFactoryFactory.TRUSTSTOREPWD, "123456");
sslProperties.put(SSLSocketFactoryFactory.TRUSTSTORETYPE, "JKS");
sslProperties.put(SSLSocketFactoryFactory.CLIENTAUTH, true);
sslProperties.put(SSLSocketFactoryFactory.KEYSTORE,
"/home/clientStore.jks");
sslProperties.put(SSLSocketFactoryFactory.KEYSTOREPWD, "123456");
sslProperties.put(SSLSocketFactoryFactory.KEYSTORETYPE, "JKS");
connOpt.setSSLProperties(sslProperties);
client.connect(connOpt);
client.subscribe("sample_T");
client.setCallback( new MQTTSampleSubscriber() );
Получение ошибки
MQTT Con: Session_3, READ: TLSv1.2 Alert, length = 2
MQTT Con: Session_3, RECV TLSv1.2 ALERT: fatal, handshake_failure
%% Invalidated: [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
MQTT Con: Session_3, called closeSocket()
MQTT Con: Session_3, Exception while waiting for close
javax.net.ssl.SSLHandshakeException: Received fatal alert:
handshake_failure
MQTT Con: Session_3, handling exception:
javax.net.ssl.SSLHandshakeException: Received fatal alert:
handshake_failure
MQTT Con: Session_3, called close()
MQTT Con: Session_3, called closeInternal(true)
mosquitto log says :
peer did not return a certificate