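I am going to use MQTTnet.MqttClient to simply connect to AWS, and I know the library does not support these 3 files separately, so I first create a .pfx file from the client certificate and the client key. Then I use the following code to send the .pfx + CA Root file to the server: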
```csharp
var certificates = new List<X509Certificate>();
var certCA = X509Certificate.CreateFromCertFile(CA_PATH);
certificates.Add(certCA);
var certPFX = X509Certificate.CreateFromCertFile(CA_PFX);
certificates.Add(certPFX);

var messageBuilder = new MqttClientOptionsBuilder().WithCleanSession();
messageBuilder = messageBuilder.WithTcpServer(MQTT_Host, MQTT_Port);
messageBuilder = messageBuilder.WithTls(new MqttClientOptionsBuilderTlsParameters()
{
    SslProtocol = SslProtocols.Tls12,
    AllowUntrustedCertificates = true,
    UseTls = true,
    Certificates = certificates,
});
var options = messageBuilder.Build();

var managedOptions = new ManagedMqttClientOptionsBuilder()
    .WithAutoReconnectDelay(TimeSpan.FromSeconds(MQTT_AutoReconnect_Delay))
    .WithClientOptions(options)
    .Build();

await client.StartAsync(managedOptions);
```
But I always get this exception:

```
MQTTnet.Exceptions.MqttCommunicationException: The remote certificate was rejected by the provided RemoteCertificateValidationCallback.
System.Security.Authentication.AuthenticationException: The remote certificate was rejected by the provided RemoteCertificateValidationCallback.
   at System.Net.Security.SslStream.SendAuthResetSignal(ProtocolToken message, ExceptionDispatchInfo exception)
   at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm)
   at MQTTnet.Implementations.MqttTcpChannel.ConnectAsync(CancellationToken cancelToken)
   at MQTTnet.Implementations.MqttTcpChannel.ConnectAsync(CancellationToken cancelToken)
   at MQTTnet.Internal.MqttTaskTimeout.WaitAsync(Func`2 action, TimeSpan timeout, CancellationToken cancelToken)
   at MQTTnet.Adapter.MqttChannelAdapter.ConnectAsync(TimeSpan timeout, CancellationToken cancellationToken)
```

I can connect with the same files using Node-Red or MQTT Explorer. What is wrong with my credential files or the MQTTnet NuGet?