-
Notifications
You must be signed in to change notification settings - Fork 33
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support TLS/SSL connections? #24
Comments
https://github.com/sskaje/mqtt/blob/master/test/tls1.2/connect.php |
yes。thank you。 |
请问ssl的证书要在哪里设置?看test上好像没有配置证书的路径。 |
Hi A small contribution to this issue. Here is how I use TLS with this library, and it works. The code below is reactored to drop specificies of my project and make it more understandable. /**
* Builds a MQTT
* @param string $socketAddress
* @param integer $port
* @param boolean $isTls
* @return sskaje\mqtt\MQTT an instance of a MQTT client
*/
protected function buildMqtt($socketAddress, $port, $isTls) {
$protocol = $isTls ? "ssl://" : "tcp://";
$mqtt = new sskaje\mqtt\MQTT("$protocol$socketAddress:$port");
if ($isTls) {
$mqtt->setSocketContext(stream_context_create([
'ssl' => [
'cafile' => '/path/to/CACert-mqtt.crt',
'verify_peer' => false,
'verify_peer_name' => false,
'disable_compression' => true,
'ciphers' => 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:AES128:AES256:RC4-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK',
'crypto_method' => STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT | STREAM_CRYPTO_METHOD_SSLv23_CLIENT,
'SNI_enabled' => true,
'allow_self_signed' => true
]
]
));
}
$mqtt->setKeepalive(50);
return $mqtt;
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
No description provided.
The text was updated successfully, but these errors were encountered: