mosquitto_pub -h han1 -p 8883 -t "/mqtt/1" --cafile /home/pi/ca/ca-chain.cert.pem --cert /home/pi/ca/client.crt --key /home/pi/ca/client.key --tls-version tlsv1 -d -m 1112
pi@pi:~/ca $ mosquitto_sub -h han1 -t "/mqtt/1" --cafile /home/pi/ca/ca-chain.cert.pem --cert /home/pi/ca/client.crt --key /home/pi/ca/client.key -p 8883 -d --insecure
Client mosqsub/31833-pi sending CONNECT
Client mosqsub/31833-pi received CONNACK
Client mosqsub/31833-pi sending SUBSCRIBE (Mid: 1, Topic: /mqtt/1, QoS: 0)
Client mosqsub/31833-pi received SUBACK
Subscribed (mid: 1): 0
Client mosqsub/31833-pi received PUBLISH (d0, q0, r0, m0, '/mqtt/1', ... (2 bytes))
11
Client mosqsub/31833-pi sending PINGREQ
Client mosqsub/31833-pi received PINGRESP
Client mosqsub/31833-pi received PUBLISH (d0, q0, r0, m0, '/mqtt/1', ... (4 bytes))
1112
openssl req -x509 -config openssl.cnf -newkey rsa:2048 -days 1365 \
-out ca_certificate_bundle.pem -outform PEM -subj /CN=han1/ -nodes
openssl req -new -key private_key.pem -out req.pem -outform PEM \
-subj /CN=han1/O=server/ -nodes
cd ../testca
openssl ca -config openssl.cnf -in ../server/req.pem -out \
../server/server_certificate.pem -notext -batch -extensions server_ca_extensions
cd ../server
openssl pkcs12 -export -out server_certificate.p12 -in server_certificate.pem -inkey private_key.pem \
-passout pass:111111
cd ..
ls
# => server testca
mkdir client
cd client
openssl genrsa -out private_key.pem 2048
openssl req -new -key private_key.pem -out req.pem -outform PEM \
-subj /CN=han1/O=client/ -nodes
cd ../testca
openssl ca -config openssl.cnf -in ../client/req.pem -out \
../client/client_certificate.pem -notext -batch -extensions client_ca_extensions
cd ../client
openssl pkcs12 -export -out client_certificate.p12 -in client_certificate.pem -inkey private_key.pem \
-passout pass:111111