使用WebSocket的AWS IoT MQTT:CERTIFICATE_VERIFY_FAILED

时间:2018-11-02 13:04:24

标签: python websocket iot x509 aws-iot

我正在尝试使用link中提到的Python脚本设置AWS IoT:

我无需WebSocket(使用x.509证书)就可以在AWS IoT MQTT上进行连接。

# creates the AWS IoT 
def createIoT(): 
   iot = AWSIoTMQTTShadowClient('AWSHome') 
   # update this with your own endpoint from the IOT dashboard 
   iot.configureEndpoint('allj.iot.reg.amazonaws.com', 443) 
   iot.configureCredentials('rootCA','private.key','certificate.crt') 
   iot.configureConnectDisconnectTimeout(10)  # 10 sec 
   iot.configureMQTTOperationTimeout(5)  # 5 sec 
   iot.connect() 
   return

但是当我尝试使用WebSocket在AWS IoT MQTT上进行连接时,出现以下错误:

使用通过运行以下命令生成的证书:wget 

# creates the AWS IoT 
def createIoT(): 
   iot = AWSIoTMQTTShadowClient('AWSHome') 
   # update this with your own endpoint from the IOT dashboard 
   iot.configureEndpoint('asdasd.reg.amazonaws.com', 443) 
   iot.configureCredentials('VeriSign-Class%203-Public-Primary-Certification-Authority-G5.pem') 
   iot.configureConnectDisconnectTimeout(10)  # 10 sec 
   iot.configureMQTTOperationTimeout(5)  # 5 sec 
   iot.connect() 
   return

错误:

    Traceback (most recent call last): 
    File "./awshome.py", line 60, in <module> iot = createIoT() 
    File "./awshome.py", line 50, in createIoT iot.connect() File "/home/pi/.local/lib/python2.7/site-packages/AWSIoTPythonSDK/MQTTLib.py", line 1216, in connect return         
    self._AWSIoTMQTTClient.connect(keepAliveIntervalSecond) 
    File "/home/pi/.local/lib/python2.7/site-packages/AWSIoTPythonSDK/MQTTLib.py", line 485, in connect return self._mqtt_core.connect(keepAliveIntervalSecond) 
    File "/home/pi/.local/lib/python2.7/site-packages/AWSIoTPythonSDK/core/protocol/mqtt_core.py", line 192, in connect self.connect_async(keep_alive_sec, self._create_blocking_ack_callback(event)) 
    File "/home/pi/.local/lib/python2.7/site-packages/AWSIoTPythonSDK/core/protocol/mqtt_core.py", line 219, in connect_async 
    raise e 
    ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)

2 个答案:

答案 0 :(得分:1)

自2018年5月以来,AWS IoT Core的端点和证书均已更改。

简而言之,您需要:

  1. 将端点更改为a1am7bjirugllj-ats.iot.us-east-1.amazonaws.com(请注意-ats
  2. 使用其中一个AWS根CA(https://www.amazontrust.com/repository/AmazonRootCA1.pem

详细信息:https://aws.amazon.com/blogs/iot/aws-iot-core-ats-endpoints/

答案 1 :(得分:0)

可能是您具有自签名证书,或者发生了其他使该证书无效的事情。问题是您想要实现什么...如果要确保它起作用,就可以了:

import ssl

ssl._create_default_https_context = ssl._create_unverified_context

这是一个非常丑陋的解决方案,herehere您有更广泛的解释。

相关问题
最新问题