使用paho_mqtt_c库实现mqtt的ssl加密通讯_paho mqtt ssl

最近做mqtt加密传输，做此笔记备忘

开源库版本：paho.mqtt.c-1.3.6.tar.gz

编译：将paho_mqtt_c/CMakeList.txt中：启用SSL编译

SET(PAHO_WITH_SSL TRUE CACHE BOOL "Flag that defines whether to build ssl-enabled binaries too. ")

编译为静态库：

SET(PAHO_BUILD_SHARED TRUE CACHE BOOL "Build shared library")

SET(PAHO_BUILD_STATIC TRUE CACHE BOOL "Build static library")

编译后引用静态库:paho-mqtt3cs.a

代码实现部分：

启用ssl加密不做认证：
MQTTClient_SSLOptions ssl_opts=MQTTClient_SSLOptions_initializer;
string sslServerAdd = "ssl://127.0.0.1:8883";
string client_id = "aaa";
MQTTClient_create(&client, sslServerAdd.c_str(), client_id.c_str(), MQTTCLIENT_PERSISTENCE_NONE, NULL);
ssl_opts.enableServerCertAuth=0;
ssl_opts.sslVersion=MQTT_SSL_VERSION_DEFAULT;
conn_opts.ssl=&ssl_opts;
int rc = MQTTClient_connect(client, &conn_opts);

单向认证：
MQTTClient_SSLOptions ssl_opts=MQTTClient_SSLOptions_initializer;
string sslServerAdd = "ssl://127.0.0.1:8883";
string client_id = "aaa";
MQTTClient_create(&client, sslServerAdd.c_str(), client_id.c_str(), MQTTCLIENT_PERSISTENCE_NONE, NULL);
ssl_opts.trustStore = "/tmp/ca.pem";
ssl_opts.sslVersion=MQTT_SSL_VERSION_DEFAULT;
conn_opts.ssl=&ssl_opts;
int rc = MQTTClient_connect(client, &conn_opts);

双向认证：
MQTTClient_SSLOptions ssl_opts=MQTTClient_SSLOptions_initializer;
string sslServerAdd = "ssl://127.0.0.1:8883";
string client_id = "aaa";
MQTTClient_create(&client, sslServerAdd.c_str(), client_id.c_str(), MQTTCLIENT_PERSISTENCE_NONE, NULL);
ssl_opts.trustStore = "/tmp/ca.pem";
ssl_opts.privateKey = "/tmp/client.key";
ssl_opts.keyStore = "/tmp/client.crt";
ssl_opts.sslVersion=MQTT_SSL_VERSION_DEFAULT;
conn_opts.ssl=&ssl_opts;
int rc = MQTTClient_connect(client, &conn_opts);