페이지 선택
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Search in pages

 NET(pc연습)과 IOT(pc연습)에서 SSL/TLS에 대한 기본 학습을 할 수 있다.

 

SDK 와 MQTT Broker 준비

MXOS SDK의 데모(WiFi 모듈)로 연동을 시험하기 전에 먼저 아래의 링크에서 기본연습을 해볼 수 있다.

 

 

 

1. MQTT Broker 설정

SSL/TLS 보안 통신을 위해 Mosquitto Broker의 설정(conf)파일을 다음과 같이 각자의 환경에 맞추어 수정한다

 

 

 

 

2. MQTT 데모 수정하기

♦ MQTT SSL/TLS 보안 적용을 위해 각자의 시험환경에 맞추어 제공된 mqtt 데모에서 mqtt → mico_app_define.h를 수정한다.

아래 인증서와 보안키는 Openssl로 생성한 인증서를 메모장(note pad)으로 열어 Copy&Paste하고 C 언어규칙에 맞게 재 정리 한 것이다.

 

/**
 * @file mqtt_config.h
 * @brief MQTT specific configuration file
 */
#ifndef MICO_APP_DEFINE_H_
#define MICO_APP_DEFINE_H_
#define MQTT_USE_SSL 
#ifdef MQTT_USE_SSL
#define MQTT_HOST                   “192.168.0.2” // “6618fdda2a4f11e7a554fa163e876164.mqtt.iot.gz.baidubce.com” ///< Customer specific MQTT HOST. The same will be used for Thing Shadow
#define MQTT_PORT                   8883 //1884 ///< default port for MQTT/S
#define MQTT_ROOT_CA_FILENAME “\
—–BEGIN CERTIFICATE—–\n\
MIIDjzCCAnegAwIBAgIUZfoON5QRwfbwh9m4c2SIxxemZxIwDQYJKoZIhvcNAQEL\n\
BQAwVzELMAkGA1UEBhMCS1IxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM\n\
GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEQMA4GA1UEAwwHTU9NT0lPVDAeFw0y\n\
MDA5MjEwODIxMDFaFw0zMDA5MTkwODIxMDFaMFcxCzAJBgNVBAYTAktSMRMwEQYD\n\
VQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBM\n\
dGQxEDAOBgNVBAMMB01PTU9JT1QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n\
AoIBAQDIa5baIrffUs2p6qPJ0+NHzsjzTqkt4aaLRrLU/uGM0RFYOs6ZtB/x8Tjb\n\
dG5Btu7j82Y4eykYBx4TsEmJuFGD8DHMKJWc2KkV2NvUYPDeYl+TN9YQxsnnhjGf\n\
rBw4O6XZc8jbkgkSiHJcg3MtFj+aK0tvsEzMPXbs6cPym3rGQOxHuVK21y5sk6do\n\
fu+VEZSCk9lbrPmnWZaHQv8zq6jpud5dXh5/TWu+zxfzdklCasEjvwerqZdCpQpK\n\
uEftvcr7BBrQmYKROkygJtulllCKlpm4zwMMfonBQRR5MZeBYenAxkPZrWyuzoO7\n\
oBYI5jCaf2+nqx5Oa2XSu3nPfYntAgMBAAGjUzBRMB0GA1UdDgQWBBTVGv7yV5UZ\n\
eGdXtjy9/AXEGzPxoTAfBgNVHSMEGDAWgBTVGv7yV5UZeGdXtjy9/AXEGzPxoTAP\n\
BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBQ0YKK95Sc8UvkX6u4\n\
n4DFQkqO6c5NgjAqfJ+l+SaX++uBbp9ffLj0yxdwc7Ed8s+KHTMNtIkqWEqrpXeo\n\
XzA+P48GJ4rjEK4B8uYnjpd8DP2/jz/PBU+AdJ/CNf4SfkOkn+rs4Sqi5NrpQpBC\n\
wWDVKaQ5JVX/i0yuIRAhXijK5xNtIdCRfb1w3JYa878Kir5/LgBierD7bww5pdeZ\n\
uflNf7p3AqNZaqcG+syiggFdzSC1Ao2rahCHSTsaGiRrKS5PuWewUYgLERWy5U9s\n\
lCkd+IVjAZVjB1OOLENDFMPejQdvxuwkZEBggJAMbnjpTKutz6z0c9Pmv8umtavp\n\
vAkk\n\
—–END CERTIFICATE—–\n\
” // modified by ben from @ NULL ///< Root CA file name
#define MQTT_CERTIFICATE_FILENAME “\
—–BEGIN CERTIFICATE—–\n\
MIIDIzCCAgsCFH7yTGTKBzYtr9fKNxTw8eUZHmweMA0GCSqGSIb3DQEBCwUAMFcx\n\
CzAJBgNVBAYTAktSMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl\n\
cm5ldCBXaWRnaXRzIFB0eSBMdGQxEDAOBgNVBAMMB01PTU9JT1QwHhcNMjAwOTIx\n\
MDgyMjIwWhcNMjEwOTIxMDgyMjIwWjBFMQswCQYDVQQGEwJLUjETMBEGA1UECAwK\n\
U29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIB\n\
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tnb6FyPtN1nRjfIGQ2g/YDh\n\
x2wwcF+HePCWqJ3FcNyQGUlWeib3S8jYccdwaEslqmT1Jaul7+ouwvkmpK4HP2Hw\n\
IhflzIOPL3BNFBw2ZPQzU+hhu2e42+0jN5gQY66l8yp96DCE64m5xPU79X77VQ6l\n\
wem3qEe0WJvx/8GBmrgScXlCzNFupfBEdwWmcR9J0Fb9wQL3hDh4n28Abhz/vXT1\n\
CG2rSyvH4XX46NZ76+qS/ALlOq9VSqXmmv7LH0nOjuriX/XC7Q2sqKNhcqHGf1sm\n\
QAK5G8HX3Cq7WYu2jlicKDtasoj/ei0LIrkPA0wetJc25xcjjo+5MZjM39+trQID\n\
AQABMA0GCSqGSIb3DQEBCwUAA4IBAQCmIftN11xUAKxhLNDBUCAc1sMcHa1rS9FD\n\
x1XPdzcagqr+ygGLo3VVX8PKnJP4ciTWSKBn1V8amqG0F9zZUAzf6EH23ljjtYEy\n\
vCm+Srg8NAkRE/fips4CMaPMKLCfEPSjojqjT85TW360/cY3/5b+OjdsDUAEhNeg\n\
eEsToHi0QXeD9lh3A7xCvJYex6rN80igaaPcuuwS6WtlzGZbaf240+vzgmahdAfB\n\
WX0iokQvx0g0FblvijWcZl/OpJ3Dko4iXt3bTfcIWTKnB/Zg5c/J8PvPIfle7EFW\n\
D1/hN51Imo2mmtFdQcoS3YPHSMob99tDulBkcS9oh6sZTOMldFsx\n\
—–END CERTIFICATE—–\n\
” // modified by ben from @ NULL ///< device signed certificate file name
#define MQTT_PRIVATE_KEY_FILENAME “\
—–BEGIN RSA PRIVATE KEY—–\n\
MIIEpgIBAAKCAQEA4tnb6FyPtN1nRjfIGQ2g/YDhx2wwcF+HePCWqJ3FcNyQGUlW\n\
eib3S8jYccdwaEslqmT1Jaul7+ouwvkmpK4HP2HwIhflzIOPL3BNFBw2ZPQzU+hh\n\
u2e42+0jN5gQY66l8yp96DCE64m5xPU79X77VQ6lwem3qEe0WJvx/8GBmrgScXlC\n\
zNFupfBEdwWmcR9J0Fb9wQL3hDh4n28Abhz/vXT1CG2rSyvH4XX46NZ76+qS/ALl\n\
Oq9VSqXmmv7LH0nOjuriX/XC7Q2sqKNhcqHGf1smQAK5G8HX3Cq7WYu2jlicKDta\n\
soj/ei0LIrkPA0wetJc25xcjjo+5MZjM39+trQIDAQABAoIBAQDItPhcHYkH/Nvi\n\
xHfFssk9gUpBpvc0dVDnL/YcOXr24C6eMMTSTqd95bWa9Vn+7H3mxGwhaDzoh8nX\n\
t5j5GwBOk9hiUcJ/r+Z/klyf7lYx+91t36yYoqxr6OO/zEqz51HsUywSwtrXioNS\n\
P6dNDYxRNSRy7NYRjV+DBnaWUh7ZQ1iSi9a9hVJTmWGNyYATEEMucYjp68FRyg2a\n\
psEgM2R2BvlYXiFEbyIDDKZZArLY5GfrSA0ZB6Uzms4RaPSaX62Jn4qWv8PSOeZg\n\
f/OCHBn8AEfatEAHMIEJTnURjYQaoeV03sqCORqJvKSePL20QqamenjdOq4h4k6D\n\
5RmY1KABAoGBAPTDsb4nppeMWQ8Ko4YPWtQir1LbVVHUIraLsUETbl9JnvSTnUuN\n\
hF0hTiH+Uzc0bwfYZ2LDEO/ZmZeMX4Wch/4tAxR1gwZddcCSDHkCWZ768hiUJvVq\n\
uRvKUZDpv9Y9VoOnfgg5pBsCvAe00f73tmV/7/rxem8MHOx1+tNHxiNxAoGBAO1D\n\
qIloSvtwtX2WAx/5JdhMOKjMTEFjvk7psOjcJUgcVTo+LRT+AWJVtO/lz4HpHFEl\n\
F04MJ3IthBtvlIH2zMyG3PpSGi2BebiLrtZYelN9g1CE4dzcDTgkJXbejHythTQX\n\
5AkkrNGFv+z9A3pas0YFmhkZjWWMjEyQcKKTF5f9AoGBAL68zYMwpPrOTQySrtGm\n\
n5JWoSfBcmB9HrwAahYbTVSGK4/OhLI+ytpEPP3ykeigPLHxasek2Ur/2Fgn9LxL\n\
OhLSAudrl7pbFIsHhR67vRlN12Fd+mofS7cjV6LE9VC/pe6clHNWb9L4s4yR1V+K\n\
rCG2rE1y5oUo/FUsr1T8RqSRAoGBALdZwqM08kTuq4H6bD3IFqPY+ywOfJtHjiiD\n\
VRAOF81q/727kLEZPU6VdvawfDQjRZu7cxAAOnd0jxN4naX1Z/xh9+CFk+84kCy5\n\
3QmNZDKi2thdaAF6F8kbvcvnXV935GkGUVVzfw2HM3Lbb1WdQ87Hw3bEFU21WDJO\n\
qIwp6WCtAoGBALXItpo9/VWteJQTROM8s2YEoFQ3ceS58PV+t9ggwOXBKF1sQGAN\n\
611Kd8K15FVGsqDn/T+id7DXCTqNaHo/cJlIIfXLRHC9Nj4tIQLUiKNqSxtxpRT3\n\
PWbDHw8ZrQHNjmzqRl+rLkH/WPZRZxhBMHUhy55G/qozuGZaIXPAaqls\n\
—–END RSA PRIVATE KEY—–\n\
” //modified by ben from @ NULL ///< Device private key filename
#define MQTT_USERNAME               “6618fdda2a4f11e7a554fa163e876164/77a0853e3a1a11e7a554fa163e876164”
#define MQTT_PASSWORD               “ibV/zzpOyHKDUVH4EEXK7RoZtJHp6GTj6fazxst2+k4=”
#else
#define MQTT_HOST                   “test.mosquitto.org” ///< Customer specific MQTT HOST. The same will be used for Thing Shadow
#define MQTT_PORT                   1883 ///< default port for MQTT/S
#define MQTT_USERNAME               “”
#define MQTT_PASSWORD               “”
#endif
#define MQTT_SUB_NAME “momoiot/toto”
#define MQTT_PUB_NAME “momoiot/momo”
#define MQTT_CLIENT_ID “77a0853e3a1a11e7a554fa163e876164”
#endif /* SRC_SHADOW_IOT_SHADOW_CONFIG_H_ */
 
 
 
 
 

 

♦ 제공된 mqtt 데모에서 mqtt → mqtt_main.c에서 다음 2개의 변수 값을 “true”로 변경한다.

mqttInitParams.isSSLHostnameVerify = true;

mqttInitParams.isClientnameVerify = true; 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Adsense

 

 WiFi IoT Module

 

www.mxchip.com

 

 

 Bluetooth Module

www.feasycom.com

 

 

 5G/LTE/CAT-M1/NB-IoT

 

www.simcom.com

 

Viewed Page List