QMqttClient https://doc.qt.io/QtMQTT/qmqttclient.html如果您的 Qt 支持 SSL,将用作 QSslSocket 的传输设备,以验证它是否支持 SSLQSslSocket::supportsSsl() https://doc.qt.io/qt-5/qsslsocket.html#supportsSsl函数必须返回 true。如果不支持,则必须按照指南启用它:启用和禁用 SSL 支持 https://doc.qt.io/qt-5/ssl.html#enabling-and-disabling-ssl-support.
考虑到上述方法有效,那么您可以全局设置证书,以便所有 QSslSocket 默认使用它:
QSslCertificate cert = QSslCertificate(...);
QSslSocket::addDefaultCaCertificate(cert);
QMqttClient client;
client.setHostname(...);
client.setPort(...);
// ...
client.connectToHostEncrypted();
例如使用http://test.mosquitto.org/ http://test.mosquitto.org/:
#include <QtMqtt>
const QByteArray pem = R"(-----BEGIN CERTIFICATE-----
MIIC8DCCAlmgAwIBAgIJAOD63PlXjJi8MA0GCSqGSIb3DQEBBQUAMIGQMQswCQYD
VQQGEwJHQjEXMBUGA1UECAwOVW5pdGVkIEtpbmdkb20xDjAMBgNVBAcMBURlcmJ5
MRIwEAYDVQQKDAlNb3NxdWl0dG8xCzAJBgNVBAsMAkNBMRYwFAYDVQQDDA1tb3Nx
dWl0dG8ub3JnMR8wHQYJKoZIhvcNAQkBFhByb2dlckBhdGNob28ub3JnMB4XDTEy
MDYyOTIyMTE1OVoXDTIyMDYyNzIyMTE1OVowgZAxCzAJBgNVBAYTAkdCMRcwFQYD
VQQIDA5Vbml0ZWQgS2luZ2RvbTEOMAwGA1UEBwwFRGVyYnkxEjAQBgNVBAoMCU1v
c3F1aXR0bzELMAkGA1UECwwCQ0ExFjAUBgNVBAMMDW1vc3F1aXR0by5vcmcxHzAd
BgkqhkiG9w0BCQEWEHJvZ2VyQGF0Y2hvby5vcmcwgZ8wDQYJKoZIhvcNAQEBBQAD
gY0AMIGJAoGBAMYkLmX7SqOT/jJCZoQ1NWdCrr/pq47m3xxyXcI+FLEmwbE3R9vM
rE6sRbP2S89pfrCt7iuITXPKycpUcIU0mtcT1OqxGBV2lb6RaOT2gC5pxyGaFJ+h
A+GIbdYKO3JprPxSBoRponZJvDGEZuM3N7p3S/lRoi7G5wG5mvUmaE5RAgMBAAGj
UDBOMB0GA1UdDgQWBBTad2QneVztIPQzRRGj6ZHKqJTv5jAfBgNVHSMEGDAWgBTa
d2QneVztIPQzRRGj6ZHKqJTv5jAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA
A4GBAAqw1rK4NlRUCUBLhEFUQasjP7xfFqlVbE2cRy0Rs4o3KS0JwzQVBwG85xge
REyPOFdGdhBY2P1FNRy0MDr6xr+D2ZOwxs63dG1nnAnWZg7qwoLgpZ4fESPD3PkA
1ZgKJc2zbSQ9fCPxt2W3mdVav66c6fsb7els2W2Iz7gERJSX
-----END CERTIFICATE-----
)";
int main(int argc, char *argv[]) {
QCoreApplication a(argc, argv);
const QString hostname{"test.mosquitto.org"};
const quint16 port = 8883;
const QMqttTopicName topic{"qtmqtt/ssl_test"};
const QMqttTopicFilter filter{"qtmqtt/#"};
QSslCertificate cert = QSslCertificate(pem, QSsl::Pem);
QSslSocket::addDefaultCaCertificate(cert);
QMqttClient client;
client.setHostname(hostname);
client.setPort(port);
QObject::connect(&client, &QMqttClient::stateChanged, [](QMqttClient::ClientState state){
if(state == QMqttClient::Disconnected)
qDebug() << " State: Disconnected";
else if(state == QMqttClient::Connecting)
qDebug() << " State: Connecting";
else if(state == QMqttClient::Connected)
qDebug() << " State: Connected";
});
QObject::connect(&client, &QMqttClient::errorChanged, [](QMqttClient::ClientError error){
qDebug() << error;
});
QObject::connect(&client, &QMqttClient::messageReceived, [](const QByteArray &message, const QMqttTopicName &topic){
qDebug() << " Received Topic:" << topic.name() << " Message: " << message;
});
QTimer timer;
QObject::connect(&timer, &QTimer::timeout, [&client, &topic](){
if(client.publish(topic, QDateTime::currentDateTime().toString().toUtf8()) == -1)
qDebug() << "Error: Could not publish message";
});
QObject::connect(&client, &QMqttClient::connected, [&client, &timer, &filter](){
QMqttSubscription *subscription = client.subscribe(filter);
if(!subscription)
qDebug() << "Could not subscribe";
timer.start(1000);
});
client.connectToHostEncrypted();
return a.exec();
}
Output:
State: Connecting
State: Connected
Received Topic: "qtmqtt/ssl_test" Message: "Sat Sep 7 00:58:08 2019"
Received Topic: "qtmqtt/ssl_test" Message: "Sat Sep 7 00:58:09 2019"
Received Topic: "qtmqtt/ssl_test" Message: "Sat Sep 7 00:58:10 2019"
Received Topic: "qtmqtt/ssl_test" Message: "Sat Sep 7 00:58:11 2019"
Received Topic: "qtmqtt/ssl_test" Message: "Sat Sep 7 00:58:12 2019"
...
您还可以使用 QSslConfiguration 设置证书和/或私钥:
QSslCertificate cert = QSslCertificate(...);
QSslConfiguration conf;
conf.setCaCertificates({cert});
// conf.setPrivateKey();
QSslConfiguration::setDefaultConfiguration(conf);
QMqttClient client;
client.setHostname(...);
client.setPort(...);
// ...
client.connectToHostEncrypted();
你也可以通过将QSslSocket设置为传输设备来直接传递它:
QSslCertificate cert = QSslCertificate(...);
QSslSocket socket;
socket.addCaCertificate(cert);
// conf.setPrivateKey();
QMqttClient client;
client.setHostname(...);
client.setPort(...);
client.setTransport(&socket, QMqttClient::SecureSocket);
// ...
client.connectToHostEncrypted();