环境信息
- EMQ X 版本:4.3.5
- 操作系统及版本:centos 7.5
- 其他
问题描述
两台搭建的集群,其他一台机可以开启mysql认证,另一台机报Reload plugin emqx_auth_mysql error: parse_config_file_failed.
配置文件及日志
##--------------------------------------------------------------------
## MySQL Auth/ACL Plugin
##--------------------------------------------------------------------
## MySQL server address.
##
## Value: Port | IP:Port
##
## Examples: 3306, 127.0.0.1:3306, localhost:3306
auth.mysql.server = 10.252.7.188:3306
## MySQL pool size.
##
## Value: Number
auth.mysql.pool = 8
## MySQL username.
##
## Value: String
auth.mysql.username = admin
## MySQL password.
##
## Value: String
auth.mysql.password = Ecpp888888!
## MySQL database.
##
## Value: String
auth.mysql.database = ecpp_device
## MySQL query timeout
##
## Value: Duration
auth.mysql.query_timeout = 5s
## Variables: %u = username, %c = clientid
## Authentication query.
##
## Note that column names should be 'password' and 'salt' (if used).
## In case column names differ in your DB - please use aliases,
## e.g. "my_column_name as password".
##
## Value: SQL
##
## Variables:
## - %u: username
## - %c: clientid
## - %C: common name of client TLS cert
## - %d: subject of client TLS cert
##
auth.mysql.auth_query = select password from device_info where username = '%u' limit 1
## auth.mysql.auth_query = select password_hash as password from mqtt_user where username = '%u' limit 1
## Password hash.
##
## Value: plain | md5 | sha | sha256 | bcrypt
#auth.mysql.password_hash = sha256
## sha256 with salt prefix
auth.mysql.password_hash = salt,sha256
## bcrypt with salt only prefix
## auth.mysql.password_hash = salt,bcrypt
## sha256 with salt suffix
## auth.mysql.password_hash = sha256,salt
## pbkdf2 with macfun iterations dklen
## macfun: md4, md5, ripemd160, sha, sha224, sha256, sha384, sha512
## auth.mysql.password_hash = pbkdf2,sha256,1000,20
## Superuser query.
##
## Value: SQL
##
## Variables:
## - %u: username
## - %c: clientid
## - %C: common name of client TLS cert
## - %d: subject of client TLS cert
##
auth.mysql.super_query = select is_superuser from mqtt_user where username = '%u' limit 1
## ACL query.
##
## Value: SQL
##
## Variables:
## - %a: ipaddr
## - %u: username
## - %c: clientid
##
## Note: You can add the 'ORDER BY' statement to control the rules match order
auth.mysql.acl_query = select allow, ipaddr, username, clientid, access, topic from mqtt_acl where ipaddr = '%a' or username = '%u' or username = '$all' or clientid = '%c'
## Mysql ssl configuration.
##
## Value: on | off
#auth.mysql.ssl = off
## CA certificate.
##
## Value: File
#auth.mysql.ssl.cacertfile = /path/to/ca.pem
## Client ssl certificate.
##
## Value: File
#auth.mysql.ssl.certfile = /path/to/your/clientcert.pem
## Client ssl keyfile.
##
## Value: File
#auth.mysql.ssl.keyfile = /path/to/your/clientkey.pem
## In mode verify_none the default behavior is to allow all x509-path
## validation errors.
##
## Value: true | false
#auth.mysql.ssl.verify = false
## If not specified, the server's names returned in server's certificate is validated against
## what's provided `auth.mysql.server` config's host part.
## Setting to 'disable' will make EMQ X ignore unmatched server names.
## If set with a host name, the server's names returned in server's certificate is validated
## against this value.
##
## Value: String | disable
## auth.mysql.ssl.server_name_indication = disable