尝试连接到AWS IoT时出现错误无法获取本地发行者证书(_ssl.c:1056)

时间:2020-04-25 07:26:47

标签: python-3.x amazon-web-services ssl raspberry-pi mqtt

尝试连接IoT时出现以下错误

    myAWSIoTMQTTShadowClient.connect()
  File "/usr/local/lib/python3.7/dist-packages/AWSIoTPythonSDK/MQTTLib.py", line 1271, in connect
    return self._AWSIoTMQTTClient.connect(keepAliveIntervalSecond)
  File "/usr/local/lib/python3.7/dist-packages/AWSIoTPythonSDK/MQTTLib.py", line 513, in connect
    return self._mqtt_core.connect(keepAliveIntervalSecond)
  File "/usr/local/lib/python3.7/dist-packages/AWSIoTPythonSDK/core/protocol/mqtt_core.py", line 196, in connect
    self.connect_async(keep_alive_sec, self._create_blocking_ack_callback(event))
  File "/usr/local/lib/python3.7/dist-packages/AWSIoTPythonSDK/core/protocol/mqtt_core.py", line 223, in connect_async
    raise e
  File "/usr/local/lib/python3.7/dist-packages/AWSIoTPythonSDK/core/protocol/mqtt_core.py", line 211, in connect_async
    rc = self._internal_async_client.connect(keep_alive_sec, ack_callback)
  File "/usr/local/lib/python3.7/dist-packages/AWSIoTPythonSDK/core/protocol/internal/clients.py", line 122, in connect
    rc = self._paho_client.connect(host, port, keep_alive_sec)
  File "/usr/local/lib/python3.7/dist-packages/AWSIoTPythonSDK/core/protocol/paho/client.py", line 665, in connect
    return self.reconnect()
  File "/usr/local/lib/python3.7/dist-packages/AWSIoTPythonSDK/core/protocol/paho/client.py", line 826, in reconnect
    ciphers=self._tls_ciphers)
  File "/usr/lib/python3.7/ssl.py", line 1222, in wrap_socket
    suppress_ragged_eofs=suppress_ragged_eofs
  File "/usr/lib/python3.7/ssl.py", line 412, in wrap_socket
    session=session
  File "/usr/lib/python3.7/ssl.py", line 853, in _create
    self.do_handshake()
  File "/usr/lib/python3.7/ssl.py", line 1117, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1056)

我尝试了在这里找到的几种方法,包括https://timonweb.com/tutorials/fixing-certificate_verify_failed-error-when-trying-requests_html-out-on-mac/

但似乎没有任何效果。我正在使用Python 3运行Raspbian Linux

正在运行的命令

python3 Script.py --endpoint "aws endpoint" --rootCA /etc/ssl/certs/AmazonRootCA1.pem --cert /greengrass/certs/RPI-certificate.pem.crt --key /greengrass/certs/RPI-private.pem.key --thingName RaspberryPi --clientId RaspberryPi

还有其他建议吗?

1 个答案:

答案 0 :(得分:0)

今天在我第一次尝试使用Pi IoT SDK时,我也看到了这个确切的错误。

就我而言,我使用的是Amazon根CA(RSA 2048)证书(由Amazon指示)。通过切换到 VeriSign Class 3 Public Primary G5根CA证书(也在其网站上发布),连接正常。

因此,请尝试使用从https://docs.aws.amazon.com/iot/latest/developerguide/server-authentication.html到AWS IoT文档链接的 VeriSign端点(旧版)根证书。

相关问题
最新问题