-
// An example for using certs with rustls:

/// Builds the trust anchors used to validate the broker's TLS certificate.
///
/// The anchors are read from the operating system's certificate store, so the
/// broker is trusted exactly as far as the host's CA bundle is.
///
/// # Panics
///
/// Panics with "Certs not loadable!" if the native store cannot be loaded.
fn root_certs() -> rumqttc::tokio_rustls::rustls::RootCertStore {
    let os_anchors = rustls_native_certs::load_native_certs().expect("Certs not loadable!");
    let mut trust_store = rumqttc::tokio_rustls::rustls::RootCertStore::empty();
    // Entries that do not parse are skipped rather than reported; the value
    // returned by this call is not inspected, so an empty store only shows up
    // later as a failed handshake.
    trust_store.add_parsable_certificates(os_anchors);
    trust_store
}
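/// Builds an MQTT client and event loop configured for mutually authenticated
/// TLS towards `endpoint:port`.
///
/// `client_cert` and `client_key` are PEM text: the client certificate chain and
/// its private key (PKCS#1, PKCS#8 or SEC1). The broker's certificate is checked
/// against the roots returned by `root_certs()`.
///
/// `client_key` is secret material. This function never copies it into an error
/// message; how it is stored and handed in is up to the caller.
///
/// # Errors
///
/// Returns an error if the certificate PEM is malformed or holds no
/// certificate, if the key PEM is malformed or holds no supported private key,
/// or if rustls rejects the certificate/key pair.
pub fn connect(endpoint: &str, port: u16, client_id: &str, client_cert: &str, client_key: &str) -> Result<(AsyncClient, EventLoop)> {
    let mut client_cert_reader = BufReader::new(client_cert.as_bytes());
    let mut client_key_reader = BufReader::new(client_key.as_bytes());

    // A malformed entry aborts the call: silently dropping it would present a
    // truncated chain to the broker and fail later with a less useful error.
    let client_certs: Vec<tokio_rustls::rustls::pki_types::CertificateDer<'_>> =
        rustls_pemfile::certs(&mut client_cert_reader)
            .collect::<std::result::Result<_, _>>()
            .map_err(|e| anyhow::anyhow!("Failed to parse client certificate PEM: {e}"))?;
    if client_certs.is_empty() {
        return Err(anyhow::anyhow!("No client certificates found"));
    }

    // Take the first supported private key. Parse errors are reported with a
    // fixed message so no part of the key file can end up in logs.
    let mut client_key: Option<PrivateKeyDer<'_>> = None;
    for item in rustls_pemfile::read_all(&mut client_key_reader) {
        let parsed = item.map_err(|_| anyhow::anyhow!("Failed to parse client key PEM"))?;
        client_key = match parsed {
            rustls_pemfile::Item::Pkcs1Key(key) => Some(PrivateKeyDer::Pkcs1(key)),
            rustls_pemfile::Item::Pkcs8Key(key) => Some(PrivateKeyDer::Pkcs8(key)),
            rustls_pemfile::Item::Sec1Key(key) => Some(PrivateKeyDer::Sec1(key)),
            // Other PEM sections (for example a certificate in the same file) are not keys.
            _ => None,
        };
        if client_key.is_some() {
            break;
        }
    }
    let client_key = client_key.ok_or_else(|| anyhow::anyhow!("No client keys found"))?;

    // A certificate/key pair that rustls cannot use is a caller error, not a
    // reason to panic, so it is returned instead of unwrapped.
    let tls_config = rumqttc::tokio_rustls::rustls::ClientConfig::builder()
        .with_root_certificates(root_certs())
        .with_client_auth_cert(client_certs, client_key)
        .map_err(|e| anyhow::anyhow!("Invalid client certificate or key: {e}"))?;

    let mut mqttoptions = MqttOptions::new(client_id, endpoint, port);
    mqttoptions.set_transport(rumqttc::Transport::Tls(rumqttc::TlsConfiguration::Rustls(
        Arc::new(tls_config),
    )));
    mqttoptions.set_keep_alive(Duration::from_secs(5));
    Ok(AsyncClient::new(mqttoptions, 32))
}
// I just slapped this together so obviously you'll need some error handling etc. yada yada
// but it works against the AWS IoT core broker and should work with any other MQTT broker, too.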
-
I searched discussion but can't find this topic, so asked. :-)