按照文档设置tls双向认证不成功

[larychen]

按照文档: 生成了服务端和客户端证书
在控制台配置了服务端证书和根证书开启了客户端验证

使用mqttx工具配置客户端证书和根证书可以连接成功

使用java paho客户端按照列子 设置不成功

` Security.addProvider(new BouncyCastleProvider());

    // Load CA certificates
    KeyStore caKs = loadCAKeyStore(caCrtFile);

    // Load client certificate chain and key
    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
    ks.load(null, null);

    // Load the entire client certificate chain
    Certificate[] chain;
    try (FileInputStream fis = new FileInputStream(crtFile)) {
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        Collection<? extends Certificate> certs = cf.generateCertificates(fis);
        chain = certs.toArray(new Certificate[0]);
    }

    // Load client private key
    try (PEMParser pemParser = new PEMParser(new FileReader(keyFile))) {
        Object object = pemParser.readObject();
        JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
        PrivateKey key = converter.getPrivateKey((PrivateKeyInfo) object);
        ks.setKeyEntry("private-key", key, password.toCharArray(), chain);
    }

    // Set up key managers and trust managers
    TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
    tmf.init(caKs);
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(ks, password.toCharArray());

    // finally, create SSL socket factory
    SSLContext context = SSLContext.getInstance("TLSv1.2");
    context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

    return context.getSocketFactory();`

反复检查了证书路径没有问题
请问下这个有什么方法处理吗

[Kiki513H]

最后怎么解决的 这种方式连接不成功 就得通过Ng 不通过Ng 是没办法成功的