我正在编写收集一些硬件输入并将其发送到 MQTT 代理的应用程序。目前,代理仅使用凭据,不使用 SSL,并且一切正常。(程序是用 C++、Linux 编写的。我使用 Paho MQTT 库——通过包含源代码,而不是编译库)但是我需要开发的下一个功能是 TLS 保护的连接。我有一个 pem 格式的 CA 根证书文件。在 MQTT.fx 应用程序中,我将此文件的路径设置为“CA 证书文件”字段,一切正常。但是在代码中,我找不到如何设置这个文件。
我的代码:
//initialize options
MQTTClient client;
char * address = "our broker address:8883";
char * clientID = "Our ID";
MQTTClient_connectOptions conn_opts = MQTTClient_connectOptions_initializer;
MQTTClient_SSLOptions ssl_opts = MQTTClient_SSLOptions_initializer;
conn_opts.MQTTVersion =MQTTVERSION_3_1_1;
conn_opts.serverURIcount =0;
conn_opts.serverURIs = NULL;
conn_opts.username= creds->getUser();
conn_opts.password= creds->getPwd();
// starting ssl setting
ssl_opts = MQTTClient_SSLOptions_initializer;
ssl_opts.CApath = [filepath]/ca.pem; // I tried to use trustStore and keyStore- the same effect
ssl_opts.sslVersion = 3;
ssl_opts.ssl_error_cb = SSL_err_handler;
conn_opts.ssl = & ssl_opts;
ssl_opts.struct_version =1;
conn_opts.struct_version = 1;
MQTTClient_create(&client, address, clientID, MQTTCLIENT_PERSISTENCE_NONE, NULL );
int rc;
if ( (rc = MQTTClient_connect( client, &conn_opts)) != MQTTCLIENT_SUCCESS)
{
printf( "failed to connect, code is %d\n", rc);
return rc;
}
// continue execution
MQTTClient_connect 返回 -1- 错误套接字
我哪里错了?