emqx配置ssl

1、生产自签证书

代码语言：javascript复制

mkdir /etc/emqttd/certs/ && cd /etc/emqttd/certs/
openssl genrsa -out ca-key.pem 2048
openssl req -x509 -new -nodes -key ca-key.pem -days 10000 -out ca.pem -subj "/CN=kube-ca"

2、配置nginx的ssl

代码语言：javascript复制

#emqx
        upstream stream_backend {
                zone tcp_servers 64k;
                hash $remote_addr;
                server 172.31.182.156:30883 max_fails=2 fail_timeout=30s;
        }
 
        server {
                listen 1883 ssl;
                #status_zone tcp_server;
                proxy_pass stream_backend;
                proxy_buffer_size 4k;
                ssl_handshake_timeout 15s;
                ssl_certificate     /etc/emqttd/certs/ca.pem;
                ssl_certificate_key /etc/emqttd/certs/ca-key.pem;
        }
 
 
}

3、客户端连接

nginx ssl 客户端 连接 配置

0 人点赞