将 Paho 用于 MQTT TLS 时出现错误 [SSL] PEM lib (_ssl.c:4022)
Error [SSL] PEM lib (_ssl.c:4022) when using Paho for MQTT TLS
我正在尝试使用 Paho 库连接我的 MQTT Broker。但现在我坚持这个错误。我的代码如下:
import os
import paho.mqtt.publish as publish
import paho.mqtt.client as mqtt
import ssl
from configparser import ConfigParser
.....
try:
publishInfo = {
"parking": "test"
}
config = ConfigParser()
config.read('config.ini')
ipAddressMQTT = config['MQTT']['ipaddress']
port = config['MQTT']['port']
auth = {
'username': config['MQTT']['username'],
'password': config['MQTT']['password']
}
tls = {
'ca_certs': config['MQTT']['cakeypath'],
'certfile': config['MQTT']['certKeyPath'],
'keyfile': config['MQTT']['clientkeypath'],
'tls_version': ssl.PROTOCOL_TLSv1
}
publish.single(topic='parkingStatus', payload=publishInfo, retain=True, hostname=ipAddressMQTT, port=port, keepalive=60, auth=auth, tls=tls, protocol=mqtt.MQTTv311, transport='tcp')
except Exception as e:
self.showMessage(QMessageBox.Critical, "Error...", "Error "+str(e), "Error ")
我的 config.ini 文件如下所示:
[MQTT]
ipaddress = 172.18.0.3
port = 8883
username = parking
password = public
cakeypath = /home/atn/Documents/IUK/Abschlussarbeit/emqx_mqtt_cert/ca.pem
clientkeypath = /home/atn/Documents/IUK/Abschlussarbeit/emqx_mqtt_cert/parkingspot.pem
certkeypath = /home/atn/Documents/IUK/Abschlussarbeit/emqx_mqtt_cert/parkingspot.csr
[Geofence]
ipaddress = 172.18.0.4
port = 9851
证书是使用以下命令生成的:
openssl genrsa -out parkingspot.key 2048
openssl req -new -key parkingspot.key -out parkingspot.csr -subj "/C=DE/ST=NRW/L=Dortmund/O=EMQX/CN=client"
openssl x509 -req -days 3650 -in parkingspot.csr -CA ca.pem -CAkey ca.key -CAcreateserial -out parkingspot.pem
尝试了几个小时后,我决定问问你们。请帮帮我。
在你的配置文件中你有:
certkeypath = /home/atn/Documents/IUK/Abschlussarbeit/emqx_mqtt_cert/parkingspot.csr
csr 文件通常是证书签名请求(您发送给 CA 要求颁发证书的请求)。我希望此处使用的文件具有 .key 扩展名(假设您在创建证书时使用了标准扩展名)。
可以在 的答案中找到更多信息。
我会根据字段名称(充其量是令人困惑的)猜测这些值应该是
cakeypath = /.../ca.pem
clientkeypath = /.../parkingspot.key
certkeypath = /.../parkingspot.pem
我正在尝试使用 Paho 库连接我的 MQTT Broker。但现在我坚持这个错误。我的代码如下:
import os
import paho.mqtt.publish as publish
import paho.mqtt.client as mqtt
import ssl
from configparser import ConfigParser
.....
try:
publishInfo = {
"parking": "test"
}
config = ConfigParser()
config.read('config.ini')
ipAddressMQTT = config['MQTT']['ipaddress']
port = config['MQTT']['port']
auth = {
'username': config['MQTT']['username'],
'password': config['MQTT']['password']
}
tls = {
'ca_certs': config['MQTT']['cakeypath'],
'certfile': config['MQTT']['certKeyPath'],
'keyfile': config['MQTT']['clientkeypath'],
'tls_version': ssl.PROTOCOL_TLSv1
}
publish.single(topic='parkingStatus', payload=publishInfo, retain=True, hostname=ipAddressMQTT, port=port, keepalive=60, auth=auth, tls=tls, protocol=mqtt.MQTTv311, transport='tcp')
except Exception as e:
self.showMessage(QMessageBox.Critical, "Error...", "Error "+str(e), "Error ")
我的 config.ini 文件如下所示:
[MQTT]
ipaddress = 172.18.0.3
port = 8883
username = parking
password = public
cakeypath = /home/atn/Documents/IUK/Abschlussarbeit/emqx_mqtt_cert/ca.pem
clientkeypath = /home/atn/Documents/IUK/Abschlussarbeit/emqx_mqtt_cert/parkingspot.pem
certkeypath = /home/atn/Documents/IUK/Abschlussarbeit/emqx_mqtt_cert/parkingspot.csr
[Geofence]
ipaddress = 172.18.0.4
port = 9851
证书是使用以下命令生成的:
openssl genrsa -out parkingspot.key 2048
openssl req -new -key parkingspot.key -out parkingspot.csr -subj "/C=DE/ST=NRW/L=Dortmund/O=EMQX/CN=client"
openssl x509 -req -days 3650 -in parkingspot.csr -CA ca.pem -CAkey ca.key -CAcreateserial -out parkingspot.pem
尝试了几个小时后,我决定问问你们。请帮帮我。
在你的配置文件中你有:
certkeypath = /home/atn/Documents/IUK/Abschlussarbeit/emqx_mqtt_cert/parkingspot.csr
csr 文件通常是证书签名请求(您发送给 CA 要求颁发证书的请求)。我希望此处使用的文件具有 .key 扩展名(假设您在创建证书时使用了标准扩展名)。
可以在
我会根据字段名称(充其量是令人困惑的)猜测这些值应该是
cakeypath = /.../ca.pem
clientkeypath = /.../parkingspot.key
certkeypath = /.../parkingspot.pem