EMQX MQTT 微信小程序接入搭建_微信小程序 emqx

1、通过域名去申请CA 颁发的证书：xxx.com_cert_chain.pem && xxx.com_key.key

2、域名需要在小程序管理后台(开发 -> 开发设置 -> 服务器域名 -> socket 合法域名)添加

3、证书申请绑定时，必须与所使用的服务器域名一致，建议使用 Nginx 来做反向代理并终结证书，相关配置如下：

 server {
        listen  443 ssl;        
        server_name xxx.lz-qs.com; // 签名证书域名
        ssl_certificate   /usr/local/nginx/cert/ssl/xxx_cert_chain.pem;
        ssl_certificate_key  /usr/local/nginx/cert/ssl/xxx_key.key;
        ssl_session_timeout  5m;      
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
 
    # 添加反向代理
 
        location /mqtt {
          proxy_pass http://192.168.10.xx:8084/mqtt;
          proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          # client_max_body_size 35m;
          proxy_http_version 1.1;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "upgrade";    
        }
 
    }

4、安装EMQX可以参考这个链接：EQMX+Nginx集群搭建_emqx nginx_刺-客的博客-CSDN博客

5、 EMQX 配置，打开 etc/emqx.conf 配置文件，修改以下配置：

## Path to the file containing the user's private PEM-encoded key.
##
## See: listener.ssl.$name.keyfile
##
## Value: File --CA证书路径
listener.wss.external.keyfile = /usr/local/nginx/cert/ssl/xxx_key.key
 
## Path to a file containing the user certificate.
##
## See: listener.ssl.$name.certfile
##
## Value: File--CA证书路径
listener.wss.external.certfile = /usr/local/nginx/cert/ssl/xxx_cert_chain.pem
 
## Path to the file containing PEM-encoded CA certificates.
##
## See: listener.ssl.$name.cacert
##
## Value: File--CA证书路径
listener.wss.external.cacertfile = /usr/local/nginx/cert/ssl/xxx_cert_chain.pem

 6、用客户端连接测试一下：

 至此已完成！