当我尝试连接mqtt服务器时,使用HIVEMQ上的客户端,我会得到以下错误:
Firefox can’t establish a connection to the server at ws://xxx.com:8083/mqtt.
Connect failed: AMQJS0007E Socket error:undefined.
我使用以下参数:
- 主机:xxx.com
- 端口:8083
运行命令蚊子,我得到了回应:
[ 1615.745348]~DLT~ 1670~INFO ~FIFO /tmp/dlt cannot be opened. Retrying later...
1608926628: mosquitto version 1.6.9 starting
1608926628: Config loaded from /etc/mosquitto/conf.d/default.conf.
1608926628: Opening ipv4 listen socket on port 1883.
1608926628: Opening ipv4 listen socket on port 8883.
1608926628: Opening ipv6 listen socket on port 8883.
1608926628: Opening websockets listen socket on port 8083.
我的Mosquitto conf文件是:
allow_anonymous false
password_file /etc/mosquitto/passwd
listener 1883 localhost
listener 8883
certfile /etc/letsencrypt/live/burooq.com/cert.pem
cafile /etc/letsencrypt/live/burooq.com/chain.pem
keyfile /etc/letsencrypt/live/burooq.com/privkey.pem
listener 8083
protocol websockets
certfile /etc/letsencrypt/live/burooq.com/cert.pem
cafile /etc/letsencrypt/live/burooq.com/chain.pem
keyfile /etc/letsencrypt/live/burooq.com/privkey.pem
寻找所有打开的端口,我得到:
To Action From
-- ------ ----
[ 1] Apache Full ALLOW IN Anywhere
[ 2] 22/tcp ALLOW IN Anywhere
[ 3] 22 ALLOW IN Anywhere
[ 4] 80/tcp ALLOW IN Anywhere
[ 5] 80 ALLOW IN Anywhere
[ 6] 443/tcp ALLOW IN Anywhere
[ 7] 443 ALLOW IN Anywhere
[ 8] 80,443/tcp ALLOW IN Anywhere
[ 9] 8883 ALLOW IN Anywhere
[10] 8083 ALLOW IN Anywhere
[11] 2222 ALLOW IN Anywhere
[12] Apache Full (v6) ALLOW IN Anywhere (v6)
[13] 22/tcp (v6) ALLOW IN Anywhere (v6)
[14] 22 (v6) ALLOW IN Anywhere (v6)
[15] 80/tcp (v6) ALLOW IN Anywhere (v6)
[16] 80 (v6) ALLOW IN Anywhere (v6)
[17] 443/tcp (v6) ALLOW IN Anywhere (v6)
[18] 443 (v6) ALLOW IN Anywhere (v6)
[19] 80,443/tcp (v6) ALLOW IN Anywhere (v6)
[20] 8883 (v6) ALLOW IN Anywhere (v6)
[21] 8083 (v6) ALLOW IN Anywhere (v6)
[22] 2222 (v6) ALLOW IN Anywhere (v6)
- Mosquito 1.6.9版本
- Ubuntu版本20.04.1 LTS
您不能使用IP地址,您必须使用为burooq.com 颁发证书的主机名
原因是浏览器将无法验证来自代理的证书,因为它将没有IP地址的CN或SAN条目。
您还需要确保防火墙配置为允许端口8083 上的外部访问
编辑:
此外,刚刚仔细检查了HiveMQ Websocket展示页面,它似乎不支持通过Websockets代理连接到TLS安全的MQTT。
我必须为日志创建文件位置
$ mkfifo /tmp/dlt
更改Mosquitto配置文件中的侦听端口
$ vim /etc/mosquitto/mymosqui.conf
Listeners 8443
重启Mosquitto:
$ sudo service mosquitto restart
检查状态:
$ sudo service mosquitto status
检查端口是否正在侦听:
$ netstat -tulpn | grep mos
tcp 0 0 0.0.0.0:8443 0.0.0.0:* LISTEN 148132/mosquitto
tcp6 0 0 :::8443 :::* LISTEN
148132/mosquitto