mosquitto.conf
port 8883
cafile /home/ubuntu/ca/ca.crt
certfile /home/ubuntu/ca/server.crt
keyfile /home/ubuntu/ca/server.key
ca directory: /home/ubuntu/ca
ca
openssl genrsa -des3 -out ca.key 2048
openssl req -new -x509 -days 1826 -key ca.key -out ca.crt
server
openssl genrsa -out server.key 2048
openssl req -new -out server.csr -key server.key
openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 360
client
openssl genrsa -out client.key 2048
openssl req -new -out client.csr -key client.key
openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt -days 360
test
mosquitto -c “/etc/mosquitto/mosquitto.conf” -v
mosquitto_sub -h 192.168.1.181 -i 111 -p 8883 -t “111” –cafile /home/ubuntu/ca/ca.crt –cert /home/ubuntu/ca/client.crt –key /home/ubuntu/ca/client.key –insecure
mosquitto_pub -h 192.168.1.181 -p 8883 -t “111” -m “this is w show” –cafile /home/ubuntu/ca/ca.crt –cert /home/ubuntu/ca/client.crt –key /home/ubuntu/ca/client.key –insecure
参考
http://www.steves-internet-guide.com/mosquitto-tls/