发送到我的MQTT
我有mycert.crt文件,我想使用我的Java代码连接到服务器。我的标题为异常。我的代码如下:
final MqttConnectOptions connnOpt = new MqttConnectOptions();
connnOpt.setCleanSession(false);
connnOpt.setKeepAliveInterval(2000);
connnOpt.setUserName(user.getUsername());
connnOpt.setPassword(user.getSDPApiDriver().getToken().toCharArray());
connnOpt.setConnectionTimeout(20000);
String sslCert="/mycert.crt";
System.setProperty("javax.net.ssl.trustStore", sslCert);
System.setProperty("javax.net.ssl.trustStorePassword", "expectBrilliance");
System.setProperty("https.protocols", "TLSv1,TLSv1.1,TLSv1.2");
KeyStore ks = KeyStore.getInstance("JKS");
InputStream jksInputStream = this.getClass().getResourceAsStream(sslCert);
ks.load(jksInputStream, "expectBrilliance".toCharArray()); //thrown exception
KeyManagerFactory kmf =
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ks, "expectBrilliance".toCharArray());
TrustManagerFactory tmf =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(ks);
SSLContext sc = SSLContext.getInstance("TLS");
TrustManager[] trustManagers = tmf.getTrustManagers();
sc.init(kmf.getKeyManagers(), trustManagers, null);
SSLSocketFactory ssf = sc.getSocketFactory();
connnOpt.setSocketFactory(ssf);
String locationTopic = "abcd/efgh/" + dongleId + "/events";
final MqttClient client = new MqttClient(clientDevice.getBrokerUrl(), dongleId,null);
client.connect(connnOpt);
System.out.println("client status : " + client.isConnected());
在我的java.security中有keystore.type = jks使用此mycert.crt文件,我可以使用MQTT-SPY登录到HIVEMQ服务器。用户名:ABCD密码:WXYZ安全选项卡-TLS 模式:CA证书 协议:TLSV1CA证书文件:mycert.zip我正在浏览不同的网站,但现在得到答案。
上面的问题通过使用以下命令将.crt文件转换为.jks来解决:$ KEYTOOL -IMPORTCERT -FILE桌面 mycert mycert.crt -keystore desktop mycert.jks -Alias Changeit//更改是CRT的密码
然后遵循正常的SSL阅读步骤:
public static SSLSocketFactory acceptMyCertificate(String sslCert) {
final char[] JKS_PASSWORD = "changeit".toCharArray();
final char[] KEY_PASSWORD = "changeit".toCharArray();
System.setProperty("https.protocols", "TLSv1,TLSv1.1,TLSv1.2");
try {
final KeyStore keyStore = KeyStore.getInstance("JKS");
String workingDir = System.getProperty("user.dir");
final String path = workingDir+sslCert;
final InputStream is = new FileInputStream(path);
keyStore.load(is, JKS_PASSWORD);
final KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(keyStore, KEY_PASSWORD);
final TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(keyStore);
final SSLContext sc = SSLContext.getInstance("TLS");
sc.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new java.security.SecureRandom());
final SSLSocketFactory socketFactory = sc.getSocketFactory();
return socketFactory;
} catch (GeneralSecurityException exc) {
throw new RuntimeException(exc);
}
catch (IOException exc) {
throw new RuntimeException(exc);
}
}
现在,我可以使用转换的.jks文件