使用 WebSocket 的 AWS IoT MQTT:CERTIFICATE_VERIFY_FAILED
AWS IoT MQTT using WebSocket : CERTIFICATE_VERIFY_FAILED
我正在尝试使用 Python 脚本设置 AWS IoT,如 link:
中所述
我可以在没有 WebSocket 的情况下连接 AWS IoT MQTT(使用 x.509 证书)。
# creates the AWS IoT
def createIoT():
iot = AWSIoTMQTTShadowClient('AWSHome')
# update this with your own endpoint from the IOT dashboard
iot.configureEndpoint('allj.iot.reg.amazonaws.com', 443)
iot.configureCredentials('rootCA','private.key','certificate.crt')
iot.configureConnectDisconnectTimeout(10) # 10 sec
iot.configureMQTTOperationTimeout(5) # 5 sec
iot.connect()
return
但是当我尝试使用 WebSocket 连接 AWS IoT MQTT 时,出现以下错误:
使用 运行 这个命令生成的证书:wget
# creates the AWS IoT
def createIoT():
iot = AWSIoTMQTTShadowClient('AWSHome')
# update this with your own endpoint from the IOT dashboard
iot.configureEndpoint('asdasd.reg.amazonaws.com', 443)
iot.configureCredentials('VeriSign-Class%203-Public-Primary-Certification-Authority-G5.pem')
iot.configureConnectDisconnectTimeout(10) # 10 sec
iot.configureMQTTOperationTimeout(5) # 5 sec
iot.connect()
return
错误:
Traceback (most recent call last):
File "./awshome.py", line 60, in <module> iot = createIoT()
File "./awshome.py", line 50, in createIoT iot.connect() File "/home/pi/.local/lib/python2.7/site-packages/AWSIoTPythonSDK/MQTTLib.py", line 1216, in connect return
self._AWSIoTMQTTClient.connect(keepAliveIntervalSecond)
File "/home/pi/.local/lib/python2.7/site-packages/AWSIoTPythonSDK/MQTTLib.py", line 485, in connect return self._mqtt_core.connect(keepAliveIntervalSecond)
File "/home/pi/.local/lib/python2.7/site-packages/AWSIoTPythonSDK/core/protocol/mqtt_core.py", line 192, in connect self.connect_async(keep_alive_sec, self._create_blocking_ack_callback(event))
File "/home/pi/.local/lib/python2.7/site-packages/AWSIoTPythonSDK/core/protocol/mqtt_core.py", line 219, in connect_async
raise e
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)
可能是您拥有自签名证书,或者发生其他原因导致证书无效。问题是你想要实现什么......如果重点是看到它工作:
import ssl
ssl._create_default_https_context = ssl._create_unverified_context
这是一个非常丑陋的解决方案,, and here 你有更广泛的解释。
自 2018 年 5 月以来,AWS IoT Core 的端点和证书都发生了变化。
简而言之,您需要:
- 将您的端点更改为
a1am7bjirugllj-ats.iot.us-east-1.amazonaws.com(注意 -ats)
- 使用其中一个 AWS 根 CA (https://www.amazontrust.com/repository/AmazonRootCA1.pem)
完整详情:https://aws.amazon.com/blogs/iot/aws-iot-core-ats-endpoints/
我正在尝试使用 Python 脚本设置 AWS IoT,如 link:
中所述我可以在没有 WebSocket 的情况下连接 AWS IoT MQTT(使用 x.509 证书)。
# creates the AWS IoT
def createIoT():
iot = AWSIoTMQTTShadowClient('AWSHome')
# update this with your own endpoint from the IOT dashboard
iot.configureEndpoint('allj.iot.reg.amazonaws.com', 443)
iot.configureCredentials('rootCA','private.key','certificate.crt')
iot.configureConnectDisconnectTimeout(10) # 10 sec
iot.configureMQTTOperationTimeout(5) # 5 sec
iot.connect()
return
但是当我尝试使用 WebSocket 连接 AWS IoT MQTT 时,出现以下错误:
使用 运行 这个命令生成的证书:wget
# creates the AWS IoT
def createIoT():
iot = AWSIoTMQTTShadowClient('AWSHome')
# update this with your own endpoint from the IOT dashboard
iot.configureEndpoint('asdasd.reg.amazonaws.com', 443)
iot.configureCredentials('VeriSign-Class%203-Public-Primary-Certification-Authority-G5.pem')
iot.configureConnectDisconnectTimeout(10) # 10 sec
iot.configureMQTTOperationTimeout(5) # 5 sec
iot.connect()
return
错误:
Traceback (most recent call last):
File "./awshome.py", line 60, in <module> iot = createIoT()
File "./awshome.py", line 50, in createIoT iot.connect() File "/home/pi/.local/lib/python2.7/site-packages/AWSIoTPythonSDK/MQTTLib.py", line 1216, in connect return
self._AWSIoTMQTTClient.connect(keepAliveIntervalSecond)
File "/home/pi/.local/lib/python2.7/site-packages/AWSIoTPythonSDK/MQTTLib.py", line 485, in connect return self._mqtt_core.connect(keepAliveIntervalSecond)
File "/home/pi/.local/lib/python2.7/site-packages/AWSIoTPythonSDK/core/protocol/mqtt_core.py", line 192, in connect self.connect_async(keep_alive_sec, self._create_blocking_ack_callback(event))
File "/home/pi/.local/lib/python2.7/site-packages/AWSIoTPythonSDK/core/protocol/mqtt_core.py", line 219, in connect_async
raise e
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)
可能是您拥有自签名证书,或者发生其他原因导致证书无效。问题是你想要实现什么......如果重点是看到它工作:
import ssl
ssl._create_default_https_context = ssl._create_unverified_context
这是一个非常丑陋的解决方案,
自 2018 年 5 月以来,AWS IoT Core 的端点和证书都发生了变化。
简而言之,您需要:
- 将您的端点更改为
a1am7bjirugllj-ats.iot.us-east-1.amazonaws.com(注意-ats) - 使用其中一个 AWS 根 CA (https://www.amazontrust.com/repository/AmazonRootCA1.pem)
完整详情:https://aws.amazon.com/blogs/iot/aws-iot-core-ats-endpoints/