MQTTnet NuGet to AWS IoT using a CA root, client certificate and client key file



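I am simply going to connect to AWS using MQTTnet.MqttClient, and I know that the library does not support these 3 files separately, so I first create a .pfx file from the client certificate and client key. Then I use the following code to send the .pfx + CA root file to the server: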

var certificates = new List<X509Certificate>();
var certCA = X509Certificate.CreateFromCertFile(CA_PATH);
certificates.Add(certCA);
var certPFX = X509Certificate.CreateFromCertFile(CA_PFX);
certificates.Add(certPFX);
var messageBuilder = new MqttClientOptionsBuilder().WithCleanSession();
messageBuilder = messageBuilder.WithTcpServer(MQTT_Host, MQTT_Port);
messageBuilder = messageBuilder.WithTls(new MqttClientOptionsBuilderTlsParameters()
{
    SslProtocol = SslProtocols.Tls12,
    AllowUntrustedCertificates = true,
    UseTls = true,
    Certificates = certificates,
});
var options = messageBuilder.Build();
var managedOptions = new ManagedMqttClientOptionsBuilder()
    .WithAutoReconnectDelay(TimeSpan.FromSeconds(MQTT_AutoReconnect_Delay))
    .WithClientOptions(options)
    .Build();
await client.StartAsync(managedOptions);

But I always get this exception:

MQTTnet.Exceptions.MqttCommunicationException: The remote certificate was rejected by the provided RemoteCertificateValidationCallback. AuthenticationException: The remote certificate was rejected by the provided RemoteCertificateValidationCallback.
   at System.Net.Security.SslStream.SendAuthResetSignal(ProtocolToken message, ExceptionDispatchInfo exception)
   at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm)
   at MQTTnet.Implementations.MqttTcpChannel.ConnectAsync(CancellationToken cancellationToken)
   at MQTTnet.Implementations.MqttTcpChannel.ConnectAsync(CancellationToken cancellationToken)
   at MQTTnet.Internal.MqttTaskTimeout.WaitAsync(Func`2 action, TimeSpan timeout, CancellationToken)
   at MQTTnet.Adapter.MqttChannelAdapter.ConnectAsync(TimeSpan timeout, CancellationToken cancellationToken)

I can connect with the same files using Node-Red or MQTT Explorer. What is wrong with my credential files or the MQTTnet NuGet?

CA certificates are not needed on most platforms, because they use trusted certificates. See https://github.com/iotmodels/MQTTnet.Extensions.MultiCloud
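
An added example, not code from the question, the answer or the MQTTnet project: when a specific CA root file is to be enforced rather than setting AllowUntrustedCertificates = true, the broker certificate can be checked against that one root with .NET's X509Chain (.NET 5 or later). The class name, helper names and certificates are constructed for the demonstration, and the wiring into MQTTnet's validation callback is not shown.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

public static class PinnedRootCheck
{
    // True only if 'server' chains to 'pinnedRoot'; the OS trust store is not consulted.
    // Host name matching is NOT covered here: the caller must still reject
    // SslPolicyErrors.RemoteCertificateNameMismatch in its validation callback.
    public static bool ChainsToRoot(X509Certificate2 server, X509Certificate2 pinnedRoot)
    {
        using var chain = new X509Chain();
        chain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
        chain.ChainPolicy.CustomTrustStore.Add(pinnedRoot);
        // The constructed certificates below publish no CRL/OCSP endpoint.
        chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
        return chain.Build(server);
    }

    // Constructed self-signed root, standing in for the CA root file (CA_PATH in the question).
    static X509Certificate2 MakeRoot(string cn)
    {
        var key = RSA.Create(2048);
        var req = new CertificateRequest($"CN={cn}", key, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        req.CertificateExtensions.Add(new X509BasicConstraintsExtension(true, false, 0, true));
        return req.CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(30));
    }

    // Constructed leaf signed by 'issuer', standing in for the broker's certificate.
    static X509Certificate2 MakeLeaf(string cn, X509Certificate2 issuer)
    {
        using var key = RSA.Create(2048);
        var req = new CertificateRequest($"CN={cn}", key, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        return req.Create(issuer, DateTimeOffset.UtcNow.AddHours(-1), DateTimeOffset.UtcNow.AddDays(7), new byte[] { 1, 2, 3, 4 });
    }

    public static void Main()
    {
        using var rootA = MakeRoot("Constructed Root A");
        using var rootB = MakeRoot("Constructed Root B");
        using var leaf = MakeLeaf("broker.example.test", rootA);
        Console.WriteLine($"leaf vs issuing root:   {ChainsToRoot(leaf, rootA)}");
        Console.WriteLine($"leaf vs unrelated root: {ChainsToRoot(leaf, rootB)}");
    }
}
```

In a real client the pinned root would be loaded from the CA file with new X509Certificate2(path) in place of the constructed MakeRoot certificate.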
