中专网站建设与管理就业前景,建站方法,石家庄快速网站搭建,网站设计uiMQTT Paho Android 支持SSL/TLS(亲测有效)
登录时支持ssl的交互
这是调测登录界面设计
代码中对ssl/tls的支持
使用MqttAndroidClient配置mqtt客户端请求时#xff0c;不加密及加密方式连接存在以下几点差异#xff1a;
url及端口差异 val uri: String if (tlsConnect…
MQTT Paho Android 支持SSL/TLS(亲测有效)
登录时支持ssl的交互
这是调测登录界面设计
代码中对ssl/tls的支持
使用MqttAndroidClient配置mqtt客户端请求时不加密及加密方式连接存在以下几点差异
url及端口差异 val uri: String if (tlsConnection) {ssl://$host:$port} else {tcp://$host:$port}支持tls时url前缀是ssl: 普通mqtt连接时候前缀是tcp
端口差异 tcp请求时默认端口1883 ssl请求时默认端口是8883
socketFactory配置项
笔者项目中只支持单向验证即客户端验证服务端所以需要在客户端加载服务端证书用于ssl连接 if(connection.isSSL 1){//单项验证客户端验证服务端onenet提供的.pem证书需要用keytool转成java支持的bks、或者jks等connOpts.socketFactory connection.client.getSSLSocketFactory(context.assets.open(MQTTS-certificate.bks), 12345678)connOpts.isHttpsHostnameVerificationEnabled falseconnOpts.setSSLHostnameVerifier { _, _ - true }}说明
java中不支持pem证书加载所以需要使用keytool工具将pem格式证书转成java/android支持的bks或者jks等 keytool -importcert -v -trustcacerts -file ./MQTTS-certificate.pem -alias ca -keystore ./mqtt.bks -storetype BKS -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath ./bcprov-ext-jdk18on-176.jarbcprov-ext-jdk18on-176.jar需要从以下地址下载 https://www.bouncycastle.org/latest_releases.html
证书中会涉及域名验证如果证书中缺少这个字段那么运行时候会报下面错误 MqttException (0) - javax.net.ssl.SSLHandshakeException: No subjectAltNames on the certificate match 解决办法是跳过域名及host验证的流程
connOpts.isHttpsHostnameVerificationEnabled false
connOpts.setSSLHostnameVerifier { _, _ - true }client.getSSLSocketFactory实现
下面我们看看MqttAndroidClient创建sslSocketFactory的具体实现代码。
//info.mqtt.android.service.MqttAndroidClient/*** Get the SSLSocketFactory using SSL key store and password* A convenience method, which will help user to create a SSLSocketFactory* object** param keyStore the SSL key store which is generated by some SSL key tool,* such as keytool in Java JDK* param password the password of the key store which is set when the key store* is generated* return SSLSocketFactory used to connect to the server with SSL* authentication* throws MqttSecurityException if there was any error when getting the SSLSocketFactory*/Throws(MqttSecurityException::class)fun getSSLSocketFactory(keyStore: InputStream?, password: String): SSLSocketFactory {return try {val sslSockFactory: SSLSocketFactoryval ts: KeyStore KeyStore.getInstance(BKS)ts.load(keyStore, password.toCharArray())val tmf TrustManagerFactory.getInstance(X509)tmf.init(ts)val tm tmf.trustManagersval ctx: SSLContext SSLContext.getInstance(TLSv1)ctx.init(null, tm, null)sslSockFactory ctx.socketFactorysslSockFactory} catch (e: KeyStoreException) {throw MqttSecurityException(e)} catch (e: CertificateException) {throw MqttSecurityException(e)} catch (e: IOException) {throw MqttSecurityException(e)} catch (e: NoSuchAlgorithmException) {throw MqttSecurityException(e)} catch (e: KeyManagementException) {throw MqttSecurityException(e)}}Github
https://github.com/hannesa2/paho.mqtt.android https://github.com/eclipse/paho.mqtt.android
项目中涉及的sample示例代码很值得一探究竟对你掌握MQTT相关支持很有帮助喔
