{"id":7612,"date":"2022-06-07T10:10:55","date_gmt":"2022-06-07T02:10:55","guid":{"rendered":"https:\/\/blog.hoyo.idv.tw\/?p=7612"},"modified":"2022-06-07T10:10:55","modified_gmt":"2022-06-07T02:10:55","slug":"mqtt-5-emq-x-broker-%e5%ae%89%e8%a3%9d%e3%80%81%e5%9f%ba%e6%9c%ac%e8%a8%ad%e5%ae%9a","status":"publish","type":"post","link":"https:\/\/blog.hoyo.idv.tw\/?p=7612","title":{"rendered":"MQTT - 5. EMQ X Broker \u5b89\u88dd\u3001\u57fa\u672c\u8a2d\u5b9a"},"content":{"rendered":"<h2>\u7c21\u4ecb<\/h2>\n<ul>\n<li>\u6574\u5408\u8cc7\u6599\u5eab\u4f7f\u7528\u8005\u5e33\u865f\u8a8d\u8b49<\/li>\n<li>ACL - \u91dd\u5c0d\u4f7f\u7528\u8005\u8a2d\u5b9a\u4e0d\u540c\u7684\u4e3b\u984c\u5b58\u53d6\u6b0a\u9650<\/li>\n<li>\u652f\u6301 SSL<\/li>\n<li>\u652f\u6301 WebSocket<\/li>\n<\/ul>\n<p>--<\/p>\n<h2>\u5b89\u88dd<\/h2>\n<ul>\n<li><a href=\"https:\/\/www.emqx.io\/cn\/downloads#broker\" target=\"_blank\" rel=\"noopener\">EMQ X Broker \u5f00\u6e90\u7269\u8054\u7f51 MQTT \u6d88\u606f\u4e2d\u95f4\u4ef6<\/a><\/li>\n<\/ul>\n<pre class=\"lang:default decode:true\"># wget https:\/\/www.emqx.io\/cn\/downloads\/broker\/v4.2.2\/emqx-ubuntu20.04-4.2.2-x86_64.deb\r\n# dpkg -i emqx-ubuntu20.04-4.2.2-x86_64.deb\r\n# emqx start<\/pre>\n<p>\u7ba1\u7406\u4ecb\u9762<\/p>\n<pre class=\"lang:default decode:true \">http:\/\/ip:18083<\/pre>\n<p>\u5e33\u865f admin \u5bc6\u78bc public<\/p>\n<p><a href=\"https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2020\/11\/20201117_164003.png\" data-rel=\"lightbox-image-0\" data-rl_title=\"\" data-rl_caption=\"\" title=\"\"><img loading=\"lazy\" class=\"alignnone size-medium wp-image-7608\" src=\"https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2020\/11\/20201117_164003-300x150.png\" alt=\"\" width=\"300\" height=\"150\" srcset=\"https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2020\/11\/20201117_164003-300x150.png 300w, https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2020\/11\/20201117_164003-768x384.png 768w, https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2020\/11\/20201117_164003-1024x512.png 1024w, https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2020\/11\/20201117_164003-500x250.png 500w, https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2020\/11\/20201117_164003.png 1898w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>\u4fee\u6539\u9810\u8a2d Dashboard \u5bc6\u78bc\uff0c\u7de8\u8f2f \/etc\/emqx\/plugins\/emqx_dashboard.conf<\/p>\n<pre class=\"lang:default decode:true\">dashboard.default_user.login = admin\r\ndashboard.default_user.password = public\r\n<\/pre>\n<p>\u4fee\u6539\u5b8c\u6210\u5f8c\u91cd\u555f\u5373\u53ef<\/p>\n<pre class=\"lang:default decode:true\"># emqx restart<\/pre>\n<p>--<\/p>\n<h2>SSL - \u8b49\u66f8\u751f\u6210<\/h2>\n<ul>\n<li><a href=\"https:\/\/www.emqx.io\/cn\/blog\/enable-two-way-ssl-for-emqx\" target=\"_blank\" rel=\"noopener\">EMQ X \u542f\u7528\u53cc\u5411 SSL\/TLS \u5b89\u5168\u8fde\u63a5<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/emqx\/emqx\/issues\/1703\" target=\"_blank\" rel=\"noopener\">Error when connect Emqttd SSL mode with paho client #1703<\/a><\/li>\n<\/ul>\n<p>\u4e0d\u9069\u7528\u8de8\u5230 WebSocket \u61c9\u7528\uff0c\u9700\u8981\u8de8\u63a5\u5230 WebSocket \u6642\uff0c\u8acb\u53c3\u8003\u300c<a href=\"https:\/\/blog.hoyo.idv.tw\/?p=8048\" target=\"_blank\" rel=\"noopener\">MQTT \u2013 \u4f7f\u7528 Let\u2019s Encrypt SSL + EMQ X \u5efa\u69cb SSL WebSocket<\/a>\u300d<\/p>\n<pre class=\"lang:default decode:true\"># openssl genrsa -out my_root_ca.key 2048\r\n# openssl req -x509 -new -nodes -key my_root_ca.key -sha256 -days 3650 -out my_root_ca.pem<\/pre>\n<p>\u7de8\u8f2f openssl.cnf \u8a2d\u5b9a\u6a94<\/p>\n<pre class=\"lang:default decode:true\"># vi openssl.cnf<\/pre>\n<pre class=\"lang:default decode:true \">[req]\r\ndefault_bits  = 2048\r\ndistinguished_name = req_distinguished_name\r\nreq_extensions = req_ext\r\nx509_extensions = v3_req\r\nprompt = no\r\n\r\n[req_distinguished_name]\r\ncountryName = TW\r\nstateOrProvinceName = hoyo\r\nlocalityName = hoyo\r\norganizationName = EMQX\r\ncommonName = *.*.*.*\r\n\r\n[req_ext]\r\nsubjectAltName = @alt_names\r\n\r\n[v3_req]\r\nsubjectAltName = @alt_names\r\n\r\n[alt_names]\r\nIP.1 = 172.16.1.220<\/pre>\n<ul>\n<li>IP \u4e0d\u80fd\u4f7f\u7528 * (\u842c\u7528\u5b57\u5143 wildcard) \uff1bDNS \u53ef\u4ee5<\/li>\n<li>commonName \u4f7f\u7528 *.*.*.* \u4f86\u61c9\u4ed8 IP \u9023\u63a5\u74b0\u5883<\/li>\n<\/ul>\n<pre class=\"lang:default decode:true\"># openssl genrsa -out emqx.key 2048\r\n# openssl req -new -key .\/emqx.key -config openssl.cnf -out emqx.csr\r\n# openssl x509 -req -in .\/emqx.csr -CA my_root_ca.pem -CAkey my_root_ca.key -CAcreateserial -out emqx.pem -days 3650 -sha256 -extensions v3_req -extfile openssl.cnf\r\n# openssl genrsa -out client.key 2048\r\n# openssl req -new -key client.key -out client.csr -subj \"\/C=TW\/ST=hoyo\/L=hoyo\/O=EMQX\/CN=client\"\r\n# openssl x509 -req -days 3650 -in client.csr -CA my_root_ca.pem -CAkey my_root_ca.key -CAcreateserial -out client.pem<\/pre>\n<p>\u7d50\u679c<\/p>\n<pre class=\"lang:default decode:true\">root@demand:~\/emqx_ssl# ll\r\ntotal 48\r\ndrwxr-xr-x  2 root root 4096 Nov 18 01:59 .\/\r\ndrwx------ 12 root root 4096 Nov 20 09:42 ..\/\r\n-rw-r--r--  1 root root  964 Nov 18 01:59 client.csr\r\n-rw-------  1 root root 1679 Nov 18 01:59 client.key\r\n-rw-r--r--  1 root root 1155 Nov 18 01:59 client.pem\r\n-rw-r--r--  1 root root 1005 Nov 18 01:58 emqx.csr\r\n-rw-------  1 root root 1675 Nov 18 01:50 emqx.key\r\n-rw-r--r--  1 root root 1188 Nov 18 01:58 emqx.pem\r\n-rw-------  1 root root 1679 Nov 18 01:49 my_root_ca.key\r\n-rw-r--r--  1 root root 1294 Nov 18 01:50 my_root_ca.pem\r\n-rw-r--r--  1 root root   41 Nov 18 01:59 my_root_ca.srl\r\n-rw-r--r--  1 root root  372 Nov 18 01:58 openssl.cnf<\/pre>\n<p>\u7de8\u8f2f<\/p>\n<pre class=\"lang:default decode:true \"># vi \/etc\/emqx\/emqx.conf<\/pre>\n<pre class=\"lang:default decode:true \">listener.ssl.external.keyfile = \/etc\/emqx\/certs\/emqx.key\r\nlistener.ssl.external.certfile = \/etc\/emqx\/certs\/emqx.pem\r\nlistener.ssl.external.cacertfile = \/etc\/emqx\/certs\/my_root_ca.pem<\/pre>\n<p>--<\/p>\n<h2>\u8b49\u66f8\u6307\u7d0b<\/h2>\n<pre class=\"lang:default decode:true\"># openssl x509 -in emqx.pem -noout -fingerprint -sha1<\/pre>\n<p>--<\/p>\n<h2>MySQL \u4f7f\u7528\u8005\u8a8d\u8b49<\/h2>\n<ul>\n<li><a href=\"https:\/\/docs.emqx.cn\/cn\/broker\/latest\/advanced\/auth-mysql.html\" target=\"_blank\" rel=\"noopener\">MySQL \u8ba4\u8bc1<\/a><\/li>\n<li><a href=\"https:\/\/docs.emqx.net\/broker\/latest\/cn\/advanced\/acl-mysql.html\" target=\"_blank\" rel=\"noopener\">MySQL ACL<\/a><\/li>\n<li><a href=\"https:\/\/zhuanlan.zhihu.com\/p\/109030841\" target=\"_blank\" rel=\"noopener\">EMQ\u767e\u4e07\u7ea7MQTT\u6d88\u606f\u670d\u52a1(\u5c0f\u6280\u5de7)<\/a><\/li>\n<\/ul>\n<p>\u7de8\u8f2f\u8cc7\u6599\u5eab\u9023\u63a5\u8a2d\u5b9a\u6a94<\/p>\n<pre class=\"lang:default decode:true\"># vi \/etc\/emqx\/plugins\/emqx_auth_mysql.conf<\/pre>\n<pre class=\"lang:default decode:true\">auth.mysql.server = 127.0.0.1:3306\r\nauth.mysql.username = username\r\nauth.mysql.password = password\r\nauth.mysql.database = database<\/pre>\n<p>\u91cd\u555f emqx<\/p>\n<pre class=\"lang:default decode:true\"># emqx restart<\/pre>\n<p>\u5efa\u7acb user \u8cc7\u6599\u8868<\/p>\n<pre class=\"lang:mysql decode:true\">CREATE TABLE `mqtt_user` (\r\n  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,\r\n  `username` varchar(100) DEFAULT NULL,\r\n  `password` varchar(100) DEFAULT NULL,\r\n  `salt` varchar(35) DEFAULT NULL,\r\n  `is_superuser` tinyint(1) DEFAULT 0,\r\n  `created` datetime DEFAULT NULL,\r\n  PRIMARY KEY (`id`),\r\n  UNIQUE KEY `mqtt_username` (`username`)\r\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;<\/pre>\n<p>\u5efa\u7acb ACL \u8cc7\u6599\u8868<\/p>\n<pre class=\"lang:default decode:true\">CREATE TABLE `mqtt_acl` (\r\n  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,\r\n  `allow` int(1) DEFAULT 1 COMMENT '0: deny, 1: allow',\r\n  `ipaddr` varchar(60) DEFAULT NULL COMMENT 'IpAddress',\r\n  `username` varchar(100) DEFAULT NULL COMMENT 'Username',\r\n  `clientid` varchar(100) DEFAULT NULL COMMENT 'ClientId',\r\n  `access` int(2) NOT NULL COMMENT '1: subscribe, 2: publish, 3: pubsub',\r\n  `topic` varchar(100) NOT NULL DEFAULT '' COMMENT 'Topic Filter',\r\n  PRIMARY KEY (`id`)\r\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;<\/pre>\n<p>\u5230 Dashboard \u958b\u555f emqx_auth_mysql \u63d2\u4ef6<\/p>\n<p><a href=\"https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_101037.png\" data-rel=\"lightbox-image-1\" data-rl_title=\"\" data-rl_caption=\"\" title=\"\"><img loading=\"lazy\" class=\"alignnone size-large wp-image-10168\" src=\"https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_101037-1024x662.png\" alt=\"\" width=\"584\" height=\"378\" srcset=\"https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_101037-1024x662.png 1024w, https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_101037-300x194.png 300w, https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_101037-768x497.png 768w, https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_101037-464x300.png 464w, https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_101037.png 1239w\" sizes=\"(max-width: 584px) 100vw, 584px\" \/><\/a><\/p>\n<p>--<\/p>\n<h2>\u767d\u540d\u55ae<\/h2>\n<p>\u5be6\u969b\u61c9\u7528\u4e0a\u4e0d\u53ef\u80fd\u8b93\u6bcf\u500b\u4f7f\u7528\u8005\u90fd\u7121\u9650\u5236\u7684\u8a02\u95b1\u4e3b\u984c\uff0c\u56e0\u6b64\u5fc5\u9808\u4f7f\u7528\u767d\u540d\u55ae\u6a5f\u5236<\/p>\n<pre class=\"lang:default decode:true \"># vi \/etc\/emqx\/<\/pre>\n<p>\u5c07\u9810\u8a2d\u5141\u8a31\u8a2a\u5ba2\u95dc\u9589<\/p>\n<pre class=\"lang:default decode:true\">allow_anonymous = false\r\nacl_nomatch = allow\r\n<\/pre>\n<p>user \u8cc7\u6599\u8868\u65b0\u589e\u5e33\u865f\uff0cACL \u65b0\u589e\u5141\u8a31\u7684\u4e3b\u984c\uff0c\u985e\u4f3c\u4ee5\u4e0b\u9019\u500b\u6a23\u5b50<\/p>\n<p><a href=\"https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_093540.png\" data-rel=\"lightbox-image-2\" data-rl_title=\"\" data-rl_caption=\"\" title=\"\"><img loading=\"lazy\" class=\"alignnone size-large wp-image-10166\" src=\"https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_093540-1024x563.png\" alt=\"\" width=\"584\" height=\"321\" srcset=\"https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_093540-1024x563.png 1024w, https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_093540-300x165.png 300w, https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_093540-768x422.png 768w, https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_093540-500x275.png 500w, https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_093540.png 1472w\" sizes=\"(max-width: 584px) 100vw, 584px\" \/><\/a><\/p>\n<p><a href=\"https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_093544.png\" data-rel=\"lightbox-image-3\" data-rl_title=\"\" data-rl_caption=\"\" title=\"\"><img loading=\"lazy\" class=\"alignnone size-large wp-image-10167\" src=\"https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_093544-1024x563.png\" alt=\"\" width=\"584\" height=\"321\" srcset=\"https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_093544-1024x563.png 1024w, https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_093544-300x165.png 300w, https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_093544-768x422.png 768w, https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_093544-500x275.png 500w, https:\/\/blog.hoyo.idv.tw\/wp-content\/uploads\/2022\/06\/20220607_093544.png 1472w\" sizes=\"(max-width: 584px) 100vw, 584px\" \/><\/a><\/p>\n<p>--<\/p>\n<div class=\"pvc_clear\"><\/div>\n<p class=\"pvc_stats all \" data-element-id=\"7612\" style=\"\"><i class=\"pvc-stats-icon medium\" aria-hidden=\"true\"><svg aria-hidden=\"true\" focusable=\"false\" data-prefix=\"far\" data-icon=\"chart-bar\" role=\"img\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 512 512\" class=\"svg-inline--fa fa-chart-bar fa-w-16 fa-2x\"><path fill=\"currentColor\" d=\"M396.8 352h22.4c6.4 0 12.8-6.4 12.8-12.8V108.8c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v230.4c0 6.4 6.4 12.8 12.8 12.8zm-192 0h22.4c6.4 0 12.8-6.4 12.8-12.8V140.8c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v198.4c0 6.4 6.4 12.8 12.8 12.8zm96 0h22.4c6.4 0 12.8-6.4 12.8-12.8V204.8c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v134.4c0 6.4 6.4 12.8 12.8 12.8zM496 400H48V80c0-8.84-7.16-16-16-16H16C7.16 64 0 71.16 0 80v336c0 17.67 14.33 32 32 32h464c8.84 0 16-7.16 16-16v-16c0-8.84-7.16-16-16-16zm-387.2-48h22.4c6.4 0 12.8-6.4 12.8-12.8v-70.4c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v70.4c0 6.4 6.4 12.8 12.8 12.8z\" class=\"\"><\/path><\/svg><\/i> &nbsp;6,037&nbsp;total views<\/p>\n<div class=\"pvc_clear\"><\/div>\n","protected":false},"excerpt":{"rendered":"<p>\u7c21\u4ecb \u6574\u5408\u8cc7\u6599\u5eab\u4f7f\u7528\u8005\u5e33\u865f\u8a8d\u8b49...<\/p>\n<div class=\"pvc_clear\"><\/div>\n<p class=\"pvc_stats all \" data-element-id=\"7612\" style=\"\"><i class=\"pvc-stats-icon medium\" aria-hidden=\"true\"><svg aria-hidden=\"true\" focusable=\"false\" data-prefix=\"far\" data-icon=\"chart-bar\" role=\"img\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 512 512\" class=\"svg-inline--fa fa-chart-bar fa-w-16 fa-2x\"><path fill=\"currentColor\" d=\"M396.8 352h22.4c6.4 0 12.8-6.4 12.8-12.8V108.8c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v230.4c0 6.4 6.4 12.8 12.8 12.8zm-192 0h22.4c6.4 0 12.8-6.4 12.8-12.8V140.8c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v198.4c0 6.4 6.4 12.8 12.8 12.8zm96 0h22.4c6.4 0 12.8-6.4 12.8-12.8V204.8c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v134.4c0 6.4 6.4 12.8 12.8 12.8zM496 400H48V80c0-8.84-7.16-16-16-16H16C7.16 64 0 71.16 0 80v336c0 17.67 14.33 32 32 32h464c8.84 0 16-7.16 16-16v-16c0-8.84-7.16-16-16-16zm-387.2-48h22.4c6.4 0 12.8-6.4 12.8-12.8v-70.4c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v70.4c0 6.4 6.4 12.8 12.8 12.8z\" class=\"\"><\/path><\/svg><\/i> &nbsp;6,037&nbsp;total views<\/p>\n<div class=\"pvc_clear\"><\/div>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[319],"tags":[],"_links":{"self":[{"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=\/wp\/v2\/posts\/7612"}],"collection":[{"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7612"}],"version-history":[{"count":34,"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=\/wp\/v2\/posts\/7612\/revisions"}],"predecessor-version":[{"id":13960,"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=\/wp\/v2\/posts\/7612\/revisions\/13960"}],"wp:attachment":[{"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7612"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7612"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.hoyo.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7612"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}