I'm running into a really frustrating error with trying to bridge mosquitto to the AWS IoT MQTT system. I set it up following this guide:
https://aws.amazon.com/blogs/iot/how-to-bridge-mosquitto-mqtt-broker-to-aws-iot/
Which at first seemed to work. I was able to see messages in he AWS IoT console when I subscribed to it. Then I restarted mosquitto and I'm just getting this error over and over again:
1529722121: OpenSSL Error: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown
1529722121: Socket error on client local.bridgeawsiot, disconnecting.
1529722151: Bridge local.bridgeawsiot doing local SUBSCRIBE on topic localgateway_to_awsiot
1529722151: Bridge local.bridgeawsiot doing local SUBSCRIBE on topic both_directions
1529722151: Connecting bridge awsiot (a10cxxxxxxxxxx.iot.us-west-2.amazonaws.com:8883)
1529722182: Connecting bridge awsiot (a10cxxxxxxxxxx.iot.us-west-2.amazonaws.com:8883)
I've verified multiple times that the certificates that I'm using are the correct ones, I've also checked that the Thing has a policy attached to it and that the certificates are activated. I made sure that the rootCA.pem file is the one issued from Verisign. I'm at a loss as to why the broker is not working. The host OS is Ubuntu 18.04 running the bundled version of mosquitto. Any help would be appreciated.
I figured out what the issue was. I was using the CLI to retrieve my IoT endpoint and my default region was set to us-west-2. The certificates that I created are in us-east-1.
Related
I'm trying to connect my own gitlab to the xcode cloud, but I'm stuck at registering the application.
The error message is "504 Client Timeout. If you are using a firewall, it must be configured to accept incoming connections."
If you follow this message, you need to open the firewall, but which address should you open? Or is there another way?
I'm trying to publish some data to Google Cloud using the SIM800 module together with ESP32. Google IoT Core provides its documentation on connecting MQTT clients here. It says:
Associate the MQTT client with MQTT server certificates.
However, in the SIM800 manufacturer's documentation on AT commands usage (here), there is nothing about associating the tls certificate. Given information concern making simple connections providing only the host, username and the password.
How can I make a connection that would take the certificate into account?
I'm working with a MINIO server and AWS cpp SDK client.
Everything works with HTTP, but after switching to HTTPS I'm getting "NETWORK CONNECTION" errors.
In Wireshark the connection is:
client Hello
server hello
server sends Certificate , Server key exchange, Certificate Request, Server Hello Done
client sends ack
client sends FIN, ACK
When activating debug, aws logs the following error: WinHttpSyncHttpClient [54364] Send request failed: A certificate is required to complete client authentication
What works:
AWS CLI to the MINIO (works with TLS 1.3 so the connection looks different)
The same SDK with no SSL connection (when turning if off in MINIO as well).
The same SDK works well with AWS S3 (with SSL).
What was tried and does not work:
Turning "verifySSL" on and off
Sending and not sending region
Manually switching to HTTP 1.1
Does anyone have ideas on how to identify\solve the problem?
We managed to bypass the problem by switching to OpenSSL instead of WinHttpSyncHttpClient, by turning the relevant flag in AWS SDK CMake file.
I am using MOKOSMART_mkgw1 to collect data and send it to AWS IoT Core.
for that, I need to set the following configurations,
endpoint (aws iot endpoint)
topic (any)
device certificate and private key
root ca.
I was able to connect and send data to aws iot core.
now I want to connect it to aws greengrass device instead of iot core directly.
i have greengrass running, on ip 192.196.1.12 on port 8883 (windows machine).
i download Group CA using basic discovery api. so i used this mqtt settings for device:
broker endpoint (192.168.1.12:8883)
topic (same as registered in subscription in aws iot GG)
device certificate and private key (the device is registered in aws iot GG)
Group CA (downloaded by basic discovery sample application)
but i am still not able to connect to aws gg?
my understanding is aws GG also has a MQTT broker. so by providing a proper authentication and topic, i should be able to connect to it, whether or not I have aws device SDKs or not. am i wrong? what does "basic discovery example" do extra to be able to connect to aws gg ??
I am so sorry for wasting your time if you brainstorm on this question.
the issue was, I was passing a random clientID in MQTT.
instead, I passed "Device Name" as the client ID and it worked.
keep this question here if someone else falls in the same hole.
I've been following the AWS IoT docs trying to get started with the MQTT tutorial at
http://docs.aws.amazon.com/iot/latest/developerguide/protocols.html#mqtt-ws
to set up a WebSocket connection to AWS IoT in a web application. The first step is to initiate a WebSocket connection by making a GET request to an endpoint created by following the steps in the tutorial but I'm getting this error:
XMLHttpRequest cannot load <my endpoint> Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-extension, https, chrome-extension-resource.
I was wondering if anyone has encountered this error and if so, how they resolved it?
Here's a link to the code https://github.com/dwyl/learn-aws-iot/blob/2c8035728ec8228e296580c8714f3f7ace870fbe/src/js/components/App.js
Here's an example of how I'm opening the channel. I'm using Cognito unauth roles as a subscriber. I'm using the JS Paho client as well.
http://draw.kyleroche.com/main.js
AWS Labs has also posted an MQTT over WebSockets reference example here: https://github.com/awslabs/aws-iot-examples