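Can TLS mutual authentication be configured for a specific listener port?

Environment

  • EMQX version: EMQX 4.4.4
  • Operating system and version: RHEL 8
  • Other

Problem description

I defined a custom listener port, configured as follows: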
listener.tcp.test= 0.0.0.0:18113
listener.tcp.test.zone = external

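How do I configure TLS mutual authentication for listener port 18113? So far it looks like TLS authentication applies to the whole application, and the default port is 8883. I have not found how to set up authentication for a custom port.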

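All of the listener.ssl.external.* settings configure one SSL-type listener named external.

That means if you want to define your own, I suggest copying the whole set and changing the listening port and the certificates, for example: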

listener.ssl.my_ssl_listener = 0.0.0.0:18113
listener.ssl.my_ssl_listener.zone = external
listener.ssl.my_ssl_listener.keyfile = etc/certs/my_key.pem
listener.ssl.my_ssl_listener.certfile = etc/certs/my_cert.pem
listener.ssl.my_ssl_listener.cacertfile = etc/certs/my_ca_cert.pem
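
An added example, not part of the original replies: in EMQX 4.x an SSL listener demands and verifies a client certificate only when verify = verify_peer and fail_if_no_peer_cert = true are set alongside cacertfile, so this Python script audits an emqx.conf-style text per listener. The sample text is constructed, and the my_mtls listener with port 18114 is a hypothetical name and value.

```python
import re

# Constructed sample (EMQX 4.x emqx.conf syntax): the question's TCP listener, the
# reply's listener, and a hypothetical "my_mtls" listener (assumed name and port).
SAMPLE_CONF = """
listener.tcp.test = 0.0.0.0:18113
listener.ssl.my_ssl_listener = 0.0.0.0:18113
listener.ssl.my_ssl_listener.keyfile = etc/certs/my_key.pem
listener.ssl.my_ssl_listener.certfile = etc/certs/my_cert.pem
listener.ssl.my_ssl_listener.cacertfile = etc/certs/my_ca_cert.pem
## listener.ssl.my_ssl_listener.verify = verify_peer
listener.ssl.my_mtls = 0.0.0.0:18114
listener.ssl.my_mtls.keyfile = etc/certs/my_key.pem
listener.ssl.my_mtls.certfile = etc/certs/my_cert.pem
listener.ssl.my_mtls.cacertfile = etc/certs/my_ca_cert.pem
listener.ssl.my_mtls.verify = verify_peer
listener.ssl.my_mtls.fail_if_no_peer_cert = true
"""

LINE = re.compile(r"^listener\.(\w+)\.(\w+)(?:\.(\w+))?\s*=\s*(.*?)\s*$")
# Options that must hold for the broker to demand and verify a client certificate.
REQUIRED = {"verify": "verify_peer", "fail_if_no_peer_cert": "true"}

def parse_listeners(text):
    """Group options by (type, name); the bare listener key is stored as 'bind'."""
    listeners = {}
    for line in map(str.strip, text.splitlines()):
        m = LINE.match(line)          # commented-out lines start with '#' and never match
        if m:
            ltype, name, option, value = m.groups()
            listeners.setdefault((ltype, name), {})[option or "bind"] = value
    return listeners

def audit(text):
    """Map each listener to its list of gaps; an empty list means mutual TLS is enforced."""
    report = {}
    for (ltype, name), opts in parse_listeners(text).items():
        if ltype != "ssl":
            report[(ltype, name)] = ["not an ssl-type listener"]
            continue
        gaps = [f"{k} should be {v}" for k, v in REQUIRED.items() if opts.get(k) != v]
        if not opts.get("cacertfile"):
            gaps.insert(0, "cacertfile not set")
        report[(ltype, name)] = gaps
    return report

if __name__ == "__main__":
    for key, gaps in audit(SAMPLE_CONF).items():
        print(".".join(key), "->", gaps or "mutual TLS enforced")
```
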

I reconfigured SSL, but connecting fails with this error:
[2022-07-05 16:11:24] [ERROR] MQTT_AED3 connect fail, MQTT.js onError trigger, Error: Connection refused: Server unavailable
    at MqttClient._handleConnack (C:\Program Files\MQTTX\resources\app.asar\node_modules\mqtt\lib\client.js:1392:17)
    at MqttClient._handlePacket (C:\Program Files\MQTTX\resources\app.asar\node_modules\mqtt\lib\client.js:547:12)
    at work (C:\Program Files\MQTTX\resources\app.asar\node_modules\mqtt\lib\client.js:436:12)
    at Writable.writable._write (C:\Program Files\MQTTX\resources\app.asar\node_modules\mqtt\lib\client.js:450:5)
    at doWrite (C:\Program Files\MQTTX\resources\app.asar\node_modules\mqtt\node_modules\readable-stream\lib\_stream_writable.js:409:139)
    at writeOrBuffer (C:\Program Files\MQTTX\resources\app.asar\node_modules\mqtt\node_modules\readable-stream\lib\_stream_writable.js:398:5)
    at Writable.write (C:\Program Files\MQTTX\resources\app.asar\node_modules\mqtt\node_modules\readable-stream\lib\_stream_writable.js:307:11)
    at TLSSocket.ondata (internal/streams/readable.js:719:22)
    at TLSSocket.emit (events.js:315:20)
    at addChunk (internal/streams/readable.js:309:12)
    at readableAddChunk (internal/streams/readable.js:284:9)
    at TLSSocket.Readable.push (internal/streams/readable.js:223:10)
    at TLSWrap.onStreamRead (internal/stream_base_commons.js:188:23)
[2022-07-05 16:11:24] [INFO] MQTT_AED3 connect close, MQTT.js onClose trigger

Time to capture the traffic with tcpdump and take a look :joy: