
MQTT lib references? enable TLS for use with AWS
#1
Hi there! I'm new to the forum, maybe this is a redundant thread but I can't find it anywhere in the forums... or the internet.


I need to configure the MQTT library to be used with AWS. So far I can connect to a broker without authentication or just with user and password...


The libs I downloaded from the admin post are here: Libs Files


And used this code to connect to my broker:

Code:
broker = 'broker ip'

--client:login_set("","")  as i dont have credentials to my broker test server
client:connect(broker,1883)

Now I need to set up the LM to connect to AWS, but I need to provide TLS security with all the files needed for it: root, private, etc.


So... is this possible??


Any help is very appreciated.


Thanks in advance 


-Juan
Reply
#2
Please update LM to 2018 RC1 firmware, it has MQTT libraries built in and it uses latest version that has some SSL issues fixed.

This library is used in LM: https://github.com/flukso/lua-mosquitto

Before connection is established you need to provide paths to certificate files. You can upload certificates via ftp. Keyfiles cannot have a passphrase.

Only server certificate is used:
Code:
cafile = '/home/ftp/server.crt'
mclient:tls_set(cafile)

Both client and server certificates are used:
Code:
cafile = '/home/ftp/server.crt'
certfile = '/home/ftp/client.crt'
keyfile = '/home/ftp/client.key'
mclient:tls_set(cafile, nil, certfile, keyfile)
Reply
#3
Hi again, thanks for the help.

Now I have this issue with the script; it gives me the following error code:

Conexion MQTT AWS 22.11.2018 15:18:54
Resident script:31: Invalid function arguments provided.
stack traceback:
[C]: in function 'tls_set'
Reply
#4
Have you uploaded all certificate files to FTP correctly?
Reply
#5
(23.11.2018, 15:27)admin Wrote: Have you uploaded all certificate files to FTP correctly?

Yes, done several times. Maybe something is wrong with my procedure?

I connect to my FTP server with open "IP"

then use cd /home/ftp/    [I had to create these folders]

then use send "file.crt" etc. for the other files

Is there a way to see if the files are actually stored in LM?

Also, I'm starting tests for Google Cloud and there are also difficulties....
Reply
#6
Hi,

/home/ftp is the root location of the built-in FTP server, you should not create folders..

BR,

Erwin
Reply
#7
(23.11.2018, 18:58)Erwin van der Zwart Wrote: Hi,

Do you use an external FTP server??

/home/ftp is the root location of the built-in FTP server, you should not create folders..

BR,

Erwin

I mean connect to the FTP

I use a Windows laptop to upload the files. Maybe I'm actually doing something wrong?

I tried both the apps user and the ftp user to log in.....

Again, is there a way to see if the files are there?
Reply
#8
Hi,

Use your windows explorer (not browser!) by entering ftp:// ftp:ftp@192.168.0.10 in the path bar, or use filezilla, total commander or another ftp client to login to the ftp server with username ‘ftp’ and default password ‘ftp’, also make sure the ftp server is enabled. 

There you see the files or copy them there.

BR,

Erwin
Reply
#9
(23.11.2018, 19:09)Erwin van der Zwart Wrote: Hi,

Use your windows explorer (not browser!) by entering ftp:// ftp:ftp@192.168.0.10 in the path bar, or use filezilla, total commander or another ftp client to login to the ftp server with username ‘ftp’ and default password ‘ftp’, also make sure the ftp server is enabled. 

There you see the files or copy them there.

BR,

Erwin

Just did and the files are there.... what could possibly be the problem?

thanks in advance
Reply
#10
Hi,

In folders or direct on root?

BR,

Erwin
Reply
#11
(23.11.2018, 19:18)Erwin van der Zwart Wrote: Hi,

In folders or direct on root?

BR,

Erwin

Folders, exactly as I mentioned..

I had to create these folders; the path is /home/ftp/

I just tested again and it's the same. Also, I have to change directories with cd in the FTP terminal....

The code looks like this....

Code:
broker = 'awsarn'
cafile = '/home/ftp/cafile.crt'
certfile = '/home/ftp/cert.crt'
keyfile = '/home/ftp/private.key'
client:tls_set(cafile, nil, certfile, keyfile)
--client:login_set("undefine",jwt) --GCS not working also
client:connect(broker,8883)
Reply
#12
Hi,

That is not correct, the files need to be directly in the root of the FTP without folders.

In script we use /home/ftp but that is just the internal path to the internal ftp server at root level.

If you have the folders like now your path would be /home/ftp/home/ftp/xxxxx.crt

BR,

Erwin
Reply
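A pre-flight check for the certificate paths discussed in posts #2 and #12, written as an added example that is not part of any post in this thread or of the LM firmware. It assumes a script can read `/home/ftp` through Lua's standard `io` library; `check_pem` and the `tls pre-flight` log tag are hypothetical names, and the paths are the ones from post #11.

```lua
-- Added example: verify the files handed to tls_set() before calling it.
-- log() is the LM helper used later in this thread; fall back to print() elsewhere.
local log = log or print

-- Returns true when the file is readable and looks like the expected PEM
-- object, otherwise nil plus a reason.
local function check_pem(path, kind)
  local f, err = io.open(path, 'r')
  if not f then
    -- Covers the failure in this thread: files uploaded into a nested
    -- home/ftp folder are not at the path given in the script.
    return nil, 'cannot open: ' .. tostring(err)
  end
  local data = f:read('*a') or ''   -- '' when the path is a directory
  f:close()

  -- Plain-text find (4th argument true) so '-' is not a pattern character.
  if not data:find('-----BEGIN ', 1, true) then
    return nil, 'not PEM encoded (DER or truncated upload?)'
  end
  if kind == 'key' then
    if not data:find('PRIVATE KEY-----', 1, true) then
      return nil, 'no private key block found'
    end
    -- Both PEM forms of a passphrase-protected key; post #2 rules these out.
    if data:find('Proc-Type: 4,ENCRYPTED', 1, true)
        or data:find('BEGIN ENCRYPTED PRIVATE KEY', 1, true) then
      return nil, 'key is passphrase protected'
    end
  elseif not data:find('-----BEGIN CERTIFICATE-----', 1, true) then
    return nil, 'no certificate block found'
  end
  return true
end

-- Paths as written in post #11.
local files = {
  { path = '/home/ftp/cafile.crt',  kind = 'cert' },
  { path = '/home/ftp/cert.crt',    kind = 'cert' },
  { path = '/home/ftp/private.key', kind = 'key'  },
}
local all_ok = true
for _, file in ipairs(files) do
  local ok, reason = check_pem(file.path, file.kind)
  if not ok then all_ok = false; log('tls pre-flight', file.path, reason) end
end
-- Call client:tls_set(cafile, nil, certfile, keyfile) only when all_ok is true.
if all_ok then log('tls pre-flight', 'all files readable') end
```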
#13
(23.11.2018, 19:57)Erwin van der Zwart Wrote: Hi,

That is not correct, the files need to be directly in the root of the FTP without folders.

In script we use /home/ftp but that is just the internal path to the internal ftp server at root level.

If you have the folders like now your path would be /home/ftp/home/ftp/xxxxx.crt

BR,

Erwin

That's correct. Weirdly enough, the files don't show in the root folder even when I send them to the root. Anyway, THANK YOU!

The error message is gone now but AWS is not receiving anything.... Tested with node-red and it's working. Any ideas?
Reply
#14
Post whole code that you're using.
Reply
#15
(26.11.2018, 10:29)admin Wrote: Post whole code that you're using.

Code:
mqtt = require("mosquitto")
client = mqtt.new()

client.ON_CONNECT = function()
  client:publish("world", "hello")
  local qos = 0
  local retain = false

  local mid = client:publish("/Office/PM/PM710/Voltage", string.format("%.2f", grp.getvalue('7/0/0')), qos, retain)
  local mid = client:publish("/Office/MT300/Temp", string.format("%.2f", grp.getvalue('7/0/2')), qos, retain)
  local mid = client:publish("/Office/PAC3200/Voltage/Fase1", string.format("%.2f", grp.getvalue('7/0/3')), qos, retain)
  local mid = client:publish("/Office/PAC3200/Corriente/Fase1", string.format("%.2f", grp.getvalue('7/0/10')), qos, retain)
  local mid = client:publish("/Office/PAC3200/Corriente/Fase2", string.format("%.2f", grp.getvalue('7/0/11')), qos, retain)
  local mid = client:publish("/Office/PAC3200/Corriente/Fase3", string.format("%.2f", grp.getvalue('7/0/12')), qos, retain)
  local mid = client:publish("/Office/PAC3200/PATotal", string.format("%.2f", grp.getvalue('7/0/13')), qos, retain)
end

client.ON_PUBLISH = function()
  client:disconnect()
end

broker = 'url'
cafile = '/home/ftp/home/ftp/CA-Root.pem'
certfile = '/home/ftp/home/ftp/8f8253e1f4-certificate.pem.crt'
keyfile = '/home/ftp/home/ftp/8f8253e1f4-private.pem.key'
client:tls_set(cafile, nil, certfile, keyfile)
--client:login_set("undefine",jwt) --Testing GCS
client:connect(broker, 8883)
client:loop_forever()

This is the code; it is now working OK with a Mosquitto install on a different server but with no security.....

Should it be done differently?

Thanks for all the help so far.
Reply
#16
Have you updated firmware to 2018 RC1?
Reply
#17
(26.11.2018, 14:50)admin Wrote: Have you updated firmware to 2018 RC1?

Yes....

Testing with both AWS and Google and it seems like it's broken..

No error logs or warnings. I even added some logs each time it tries to send a payload and it seems OK, but nothing is arriving at the other side...

I found something interesting in the Google documentation...

It uses JWT to connect with the server in the password field....

Is there any CreateJWT() kind of function available?
Reply
#18
I got it working with a node_MCU and it needed the JWT. Is there any way to have this working?
Reply
#19
You have disconnect on first publish, remove this code.
Code:
client.ON_PUBLISH = function()
  client:disconnect()
end

Also, try replacing the loop part to log the result:
Code:
while true do
  res, err = client:loop()
  if not res then
    log('mqtt error', err)
    os.sleep(1)
  end
end
Reply
#20
(29.11.2018, 08:53)admin Wrote: You have disconnect on first publish, remove this code.
Code:
client.ON_PUBLISH = function()
 client:disconnect()
end

Also, try replacing the loop part to log the result:
Code:
while true do
 res, err = client:loop()
 if not res then
   log('mqtt error', err)
   os.sleep(1)
 end
end

Log sends MQTT error now. Maybe it's something wrong with the certificate files??
Reply

