emqx配置ssl

1、生产自签证书

mkdir /etc/emqttd/certs/ && cd /etc/emqttd/certs/
openssl genrsa -out ca-key.pem 2048
openssl req -x509 -new -nodes -key ca-key.pem -days 10000 -out ca.pem -subj "/CN=kube-ca"

2、配置nginx的ssl

#emqx
        upstream stream_backend {
                zone tcp_servers 64k;
                hash $remote_addr;
                server 172.31.182.156:30883 max_fails=2 fail_timeout=30s;
        }

        server {
                listen 1883 ssl;
                #status_zone tcp_server;
                proxy_pass stream_backend;
                proxy_buffer_size 4k;
                ssl_handshake_timeout 15s;
                ssl_certificate     /etc/emqttd/certs/ca.pem;
                ssl_certificate_key /etc/emqttd/certs/ca-key.pem;
        }


}

3、客户端连接

 

 

 

posted @ 2019-09-09 12:47  西门运维  阅读(4779)  评论(0编辑  收藏  举报