В данный момент моя учебная группа и я работаем над проектом.В попытке использовать AWS IoT Core мы пытаемся использовать aws-iot-device-sdk-embedded-c.Мы создали Thing, создали сертификат и загрузили закрытый ключ, открытый (без причины) ключ, сертификат и загрузили корневой Ca.Мы разместили эти ключи и сертификаты в папке certs.У вещи также есть политика, которая позволяет все в настоящее время.Мы просто хотим, чтобы простое соединение работало, прежде чем что-то защищать.
Мы надеемся просто подключиться, используя subse_publish_sample в SDK, прежде чем использовать SDK в наших собственных целях.
Мы отредактировали файл aws_iot_config.h, чтобы он соответствовал именам сертификатов, ключей и имени хоста нашей тени.
До сих пор мы не смогли найти ни одного форума на каком-либо форуме о коде ошибки -0x2700.
Вывод:
AWS IoT SDK Version 3.0.1-
DEBUG: main L#159 rootCA /Users/Andy/Documents/Arduino/libraries/aws-iot-device-sdk-embedded-C/samples/linux/subscribe_publish_sample/../../../certs/rootCa.pem
DEBUG: main L#160 clientCRT /Users/Andy/Documents/Arduino/libraries/aws-iot-device-sdk-embedded-C/samples/linux/subscribe_publish_sample/../../../certs/2386622fde-certificate.pem.crt
DEBUG: main L#161 clientKey /Users/Andy/Documents/Arduino/libraries/aws-iot-device-sdk-embedded-C/samples/linux/subscribe_publish_sample/../../../certs/2386622fde-private.pem.key
Connecting...
DEBUG: iot_tls_connect L#130
. Seeding the random number generator...
DEBUG: iot_tls_connect L#138 . Loading the CA root certificate ...
DEBUG: iot_tls_connect L#144 ok (0 skipped)
DEBUG: iot_tls_connect L#146 . Loading the client cert. and key...
DEBUG: iot_tls_connect L#159 ok
DEBUG: iot_tls_connect L#161 . Connecting to xxxxxxxxx-xxx.iot.eu-west-1.amazonaws.com/8883...
DEBUG: iot_tls_connect L#180 ok
DEBUG: iot_tls_connect L#182 . Setting up the SSL/TLS structure...
DEBUG: iot_tls_connect L#223
SSL state connect : 0
DEBUG: iot_tls_connect L#226 ok
DEBUG: iot_tls_connect L#228
SSL state connect : 0
DEBUG: iot_tls_connect L#229 . Performing the SSL/TLS handshake...
DEBUG: _iot_tls_verify_cert L#49
Verify requested for (Depth 3):
DEBUG: _iot_tls_verify_cert L#51 cert. version : 3
serial number : A7:0E:4A:4C:34:82:B7:7F
issuer name : C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
subject name : C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2
issued on : 2009-09-02 00:00:00
expires on : 2034-06-28 17:39:16
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true
key usage : Digital Signature, Key Cert Sign, CRL Sign
DEBUG: _iot_tls_verify_cert L#56 cert. version : 3
serial number : A7:0E:4A:4C:34:82:B7:7F
issuer name : C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
subject name : C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2
issued on : 2009-09-02 00:00:00
expires on : 2034-06-28 17:39:16
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true
key usage : Digital Signature, Key Cert Sign, CRL Sign
DEBUG: _iot_tls_verify_cert L#57 cert. version : 3
serial number : A7:0E:4A:4C:34:82:B7:7F
issuer name : C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
subject name : C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2
issued on : 2009-09-02 00:00:00
expires on : 2034-06-28 17:39:16
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true
key usage : Digital Signature, Key Cert Sign, CRL Sign
DEBUG: _iot_tls_verify_cert L#49
Verify requested for (Depth 2):
DEBUG: _iot_tls_verify_cert L#51 cert. version : 3
serial number : 06:7F:94:4A:2A:27:CD:F3:FA:C2:AE:2B:01:F9:08:EE:B9:C4:C6
issuer name : C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2
subject name : C=US, O=Amazon, CN=Amazon Root CA 1
issued on : 2015-05-25 12:00:00
expires on : 2037-12-31 01:00:00
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true
key usage : Digital Signature, Key Cert Sign, CRL Sign
DEBUG: _iot_tls_verify_cert L#54 This certificate has no flags
DEBUG: _iot_tls_verify_cert L#49
Verify requested for (Depth 1):
DEBUG: _iot_tls_verify_cert L#51 cert. version : 3
serial number : 06:7F:94:57:85:87:E8:AC:77:DE:B2:53:32:5B:BC:99:8B:56:0D
issuer name : C=US, O=Amazon, CN=Amazon Root CA 1
subject name : C=US, O=Amazon, OU=Server CA 1B, CN=Amazon
issued on : 2015-10-22 00:00:00
expires on : 2025-10-19 00:00:00
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true, max_pathlen=0
key usage : Digital Signature, Key Cert Sign, CRL Sign
DEBUG: _iot_tls_verify_cert L#54 This certificate has no flags
DEBUG: _iot_tls_verify_cert L#49
Verify requested for (Depth 0):
DEBUG: _iot_tls_verify_cert L#51 cert. version : 3
serial number : 06:C9:C7:B7:84:F0:8F:8B:34:87:5D:DD:81:FF:E4:F0
issuer name : C=US, O=Amazon, OU=Server CA 1B, CN=Amazon
subject name : CN=*.iot.eu-west-1.amazonaws.com
issued on : 2018-08-02 00:00:00
expires on : 2019-08-02 12:00:00
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=false
subject alt name : iot.eu-west-1.amazonaws.com, *.iot.eu-west-1.amazonaws.com
key usage : Digital Signature, Key Encipherment
ext key usage : TLS Web Server Authentication, TLS Web Client Authentication
DEBUG: _iot_tls_verify_cert L#54 This certificate has no flags
ERROR: iot_tls_connect L#232 failed
! mbedtls_ssl_handshake returned -0x2700
ERROR: iot_tls_connect L#239 Unable to verify the server's certificate. Either it is invalid,
or you didn't set ca_file or ca_path to an appropriate value.
Alternatively, you may want to use auth_mode=optional for testing purposes.
ERROR: main L#190 Error(-4) connecting to xxxxxxxxx-xxxx.iot.eu-west-1.amazonaws.com:8883
Мы попытались заменить все сертификаты, ключи, вещи, политики и т. Д., Поэтому мы должны что-то делать не так.