MQTT Broker：使用 VerneMQ

下载

下载页面

https://github.com/vernemq/vernemq/releases

选择CentOS7的版本

https://github.com/vernemq/vernemq/releases/tag/1.12.3

安装

yum -y install vernemq-1.12.3.centos7.x86_64.rpm

配置启动

修改配置文件 /etc/vernemq/vernemq.conf

配置第一项：同意协议（默认竟然是no，不修为yes启动不起来）

## To use this pre-packaged version of VerneMQ you must agree
## to our end user license agreement (EULA).
## The EULA can be found on https://vernemq.com/end-user-license-agreement.
## 
## Default: no
## 
## Acceptable values:
##   - one of: yes, no
accept_eula = yes

配置第二项：允许匿名

## Allow anonymous users to connect, default is 'off'. !!NOTE!!
## Enabling this completely disables authentication of the clients and
## should only be used for testing/development purposes or in case
## clients are authenticated by some other means.
## 
## Default: off
## 
## Acceptable values:
##   - on or off
allow_anonymous = on

配置listener端口

listener.tcp.default = 0.0.0.0:1883
listener.ws.default = 0.0.0.0:9001
listener.ssl.default = 0.0.0.0:8883
listener.wss.default = 0.0.0.0:9883

配置tls的证书文件路径

根证书

## The cafile is used to define the path to a file containing
## the PEM encoded CA certificates that are trusted. Set the cafile
## on the protocol level or on the listener level:
## - listener.ssl.cafile
## - listener.wss.cafile
## or on the listener level:
## - listener.ssl.my_ssl_listener.cafile
## - listener.wss.my_wss_listener.cafile
## 
## Default: 
## 
## Acceptable values:
##   - the path to a file
## listener.ssl.cafile = /etc/vernemq/cacerts.pem
listener.ssl.cafile = /etc/vernemq/root_bundle.crt
listener.wss.cafile = /etc/vernemq/root_bundle.crt

证书公钥

## 
## Default: 
## 
## Acceptable values:
##   - the path to a file
## listener.https.cafile = /etc/vernemq/cacerts.pem

## Set the path to the PEM encoded server certificate
## on the protocol level or on the listener level:
## - listener.ssl.certfile
## - listener.wss.certfile
## or on the listener level:
## - listener.ssl.my_ssl_listener.certfile
## - listener.wss.my_wss_listener.certfile
## 
## Default: 
## 
## Acceptable values:
##   - the path to a file
## listener.ssl.certfile = /etc/vernemq/cert.pem

listener.ssl.certfile = /etc/vernemq/200180.xyz.crt
listener.wss.certfile = /etc/vernemq/200180.xyz.crt

证书私钥

## 
## Default: 
## 
## Acceptable values:
##   - the path to a file
## listener.https.certfile = /etc/vernemq/cert.pem

## Set the path to the PEM encoded key file on the protocol
## level or on the listener level:
## - listener.ssl.keyfile
## - listener.wss.keyfile
## or on the listener level:
## - listener.ssl.my_ssl_listener.keyfile
## - listener.wss.my_wss_listener.keyfile
## 
## Default: 
## 
## Acceptable values:
##   - the path to a file
## listener.ssl.keyfile = /etc/vernemq/key.pem
listener.ssl.keyfile = /etc/vernemq/200180.xyz.key
listener.wss.keyfile = /etc/vernemq/200180.xyz.key

页面查看状态

## listener.http.default is the IP address and TCP port that
## the broker will bind to accept HTTP connections
## - listener.http.default = 0.0.0.0:8888
## This also works for SSL listeners:
## - listener.https.default= 0.0.0.0:8889
## 
## Default: 127.0.0.1:8888
## 
## Acceptable values:
##   - an IP/port pair, e.g. 127.0.0.1:10011
## listener.http.default = 127.0.0.1:8888
listener.http.default = 0.0.0.0:8888

启动后访问：http://IP地址:8888/status

启动

systemctl start vernemq.service

重启

systemctl restart vernemq.service

关于用户协议

https://vernemq.com/end-user-license-agreement/
软件最终用户许可协议
（个人的，非商业的，实验性的）
26. 2019 年 11 月

本许可不适用于公司、政府组织、其他法律实体或打算将软件用于商业目的的个人。如果您代表公司、政府组织或其他法律实体，或者您打算将该软件用于商业目的，您必须直接联系 OCTAVO LABS 以获得该软件的商业许可。

不受限制的商业重用：在开源 Apache2 许可下工作。这意味着它是完全开放的，可以免费进行商业修改。