copercini
Issue connecting esp8266_aws_iot
Hello Guys, I am new here, I have a problem with arduino when opening certification files .der type, they don't open i dont know why. here's what i got when opening serial monitor :
...scandone state: 0 -> 2 (b0) .state: 2 -> 3 (0) state: 3 -> 5 (10) add 0 aid 10 cnt
connected with Nakhle..., channel 6 dhcp client start... ip:192.168.2.227,mask:255.255.255.0,gw:192.168.2.1 . WiFi connected IP address: 192.168.2.227 Heap: 40504 Failed to open cert file cert not loaded Failed to open private cert file private key not loaded Failed to open ca ca failed Heap: 40504 Attempting MQTT connection...failed, rc=-2 try again in 5 seconds WiFiClientSecure SSL error: Chain could not be linked to a trust anchor. Attempting MQTT connection...failed, rc=-2 try again in 5 seconds WiFiClientSecure SSL error: Chain could not be linked to a trust anchor.
My Code is the following:
#include "FS.h" #include <ESP8266WiFi.h> #include <PubSubClient.h> //https://www.arduinolibraries.info/libraries/pub-sub-client #include <NTPClient.h> //https://www.arduinolibraries.info/libraries/ntp-client #include <WiFiUDP.h> //#define LISTEN_PORT 8883 // Update these with values suitable for your network. #define MQTT_TOPIC "$aws/things/ESP8266-FYP-test1/shadow/update" //topic for the MQTT const char* ssid = "Nakhle..."; const char* password = "My Wifi Password ";
WiFiUDP ntpUDP; NTPClient timeClient(ntpUDP, "pool.ntp.org"); const char* AWS_endpoint = "a3rbwtuy3wpxaf-ats.iot.us-east-2.amazonaws.com"; //MQTT broker ip
void callback(char* topic, byte* payload, unsigned int length) {
Serial.print("Message arrived [");
Serial.print(topic);
Serial.print("] ");
for (int i = 0; i < length; i++) {
Serial.print((char)payload[i]); // Pring payload content
}
char led = (char)payload[62]; // Extracting the controlling command from the Payload to Controlling LED from AWS
Serial.print("led command=");
Serial.println(led);
if(led==49) // 49 is the ASCI value of 1
{
digitalWrite(D5, HIGH);
Serial.println("LED_State changed to HIGH");
}
else if(led==48) // 48 is the ASCI value of 0
{
digitalWrite(D5, LOW);
Serial.println("LED_State changed to LOW");
}
Serial.println();
}
WiFiClientSecure espClient;
PubSubClient client(AWS_endpoint, 8883, callback, espClient); //set MQTT port number to 8883 as per //standard
long lastMsg = 0;
char msg[50];
int value = 0;
void setup_wifi() {
delay(10); // We start by connecting to a WiFi network espClient.setBufferSizes(512, 512); Serial.println(); Serial.print("Connecting to "); Serial.println(ssid);
WiFi.begin(ssid, password);
while (WiFi.status() != WL_CONNECTED) { delay(500); Serial.print("."); }
Serial.println(""); Serial.println("WiFi connected"); Serial.println("IP address: "); Serial.println(WiFi.localIP());
timeClient.begin(); while(!timeClient.update()){ timeClient.forceUpdate(); }
espClient.setX509Time(timeClient.getEpochTime());
}
void reconnect() { // Loop until we're reconnected while (!client.connected()) { Serial.print("Attempting MQTT connection..."); // Attempt to connect if (client.connect("ESPthing")) { Serial.println("connected"); // Once connected, publish an announcement... client.publish("outTopic", "hello world"); // ... and resubscribe client.subscribe("inTopic"); } else { Serial.print("failed, rc="); Serial.print(client.state()); Serial.println(" try again in 5 seconds");
char buf[256];
espClient.getLastSSLError(buf,256);
Serial.print("WiFiClientSecure SSL error: ");
Serial.println(buf);
// Wait 5 seconds before retrying
delay(5000);
}
} }
void setup() {
Serial.begin(9600); Serial.setDebugOutput(true); // initialize digital pin LED_BUILTIN as an output. pinMode(D5, OUTPUT); setup_wifi(); delay(1000); if (!SPIFFS.begin()) { Serial.println("Failed to mount file system"); return; }
Serial.print("Heap: "); Serial.println(ESP.getFreeHeap()); // Load certificate file File cert = SPIFFS.open("C:/Users/User/Desktop/ESP8266_AWS-IOTCore/data/cert.der", "r"); //replace cert.crt eith your uploaded file name if (!cert) { Serial.println("Failed to open cert file"); } else Serial.println("Success to open cert file");
delay(1000);
if (espClient.loadCertificate(cert)) Serial.println("cert loaded"); else Serial.println("cert not loaded");
// Load private key file File private_key = SPIFFS.open("C:/Users/User/Desktop/ESP8266_AWS-IOTCore/data/private.der", "r"); //replace private eith your uploaded file name if (!private_key) { Serial.println("Failed to open private cert file"); } else Serial.println("Success to open private cert file");
delay(1000);
if (espClient.loadPrivateKey(private_key)) Serial.println("private key loaded"); else Serial.println("private key not loaded");
// Load CA file
File ca = SPIFFS.open("C:/Users/User/Desktop/ESP8266_AWS-IOTCore/data/ca.der", "r"); //replace ca eith your uploaded file name
if (!ca) {
Serial.println("Failed to open ca ");
}
else
Serial.println("Success to open ca");
delay(1000);
if(espClient.loadCACert(ca))
Serial.println("ca loaded");
else
Serial.println("ca failed");
Serial.print("Heap: "); Serial.println(ESP.getFreeHeap()); }
void loop() {
if (!client.connected()) { reconnect(); } client.loop(); }
Elie4, I'm not sure exactly, check that you loaded the certs into the ESP8266 using the "ESP826 Sketch data upload" command in the "tools" menu of the sketch. The sketch expects the certs to reside on the ESP8266, the way you have it is trying to read from the desktop, it looks like to me
hello fixingthingsguy, Thanks for replying. can you tell me how can i upload the certification on the board please, cause i only have the above code..
Looks like we need to step back. Did you set up OSSL to convert the certs that you downloaded from AWS? If the answer is yes, may want to repeat the step(ie download certs, run it through OSSL) If the answer is no, perhaps you can follow this site which is based on Copercini(good directions but does not give credit to Copercini, unfortunate). He does exactly like Copercini's instructions but a little more detail that might help you. Please follow those instructions to the letter! The video is pretty good too. Might take you a few days to get this done, but check that you did each step exactly as specified. And it will work. https://electronicsinnovation.com/how-to-connect-nodemcu-esp8266-with-aws-iot-core-using-arduino-ide-mqtt/ Good luck.
One additional point to the "Yes" answer (needs to be done anyhow no matter the answer!)
The certs have to be in the same directory in a specific directory named "data" as your sketch. This is so esp8266 can load the certs into the ESP8266. Please don't copy below unless you have verified as I don't check the syntax closely. Concept provided.
File cert = SPIFFS.open("/cert.der", "r");
File private_key = SPIFFS.open(" /private.der", "r");
File ca = SPIFFS.open(" /ca.der", "r");
One additional point to the "Yes" answer (needs to be done anyhow no matter the answer!) The certs have to be in the same directory in a specific directory named "data" as your sketch. This is so esp8266 can load the certs into the ESP8266. Please don't copy below unless you have verified as I don't check the syntax closely. Concept provided. File cert = SPIFFS.open("/cert.der", "r"); File private_key = SPIFFS.open(" /private.der", "r"); File ca = SPIFFS.open(" /ca.der", "r");
Thank you very much my problem is solved.
Please follow the link provided [https://electronicsinnovation.com/how-to-connect-nodemcu-esp8266-with-aws-iot-core-using-arduino-ide-mqtt/] Takes some time, but will get you there.
Please follow the link provided [https://electronicsinnovation.com/how-to-connect-nodemcu-esp8266-with-aws-iot-core-using-arduino-ide-mqtt/] Takes some time, but will get you there.
hey brother can you please reply my error i followed the steps correctly according to your vedio it took lot of time but it helped almost till 4 steps
i downloaded open ssl and converted the certficates into pem to der format
after that i installed esp8266 sketch book required zip file and uplaoded my certicates
i attached the output image below
and still iam getting the same error
Attempting MQTT connection...failed, rc=-2 try again in 5 seconds WiFiClientSecure SSL error: Chain could not be linked to a trust anchor. Attempting MQTT connection...failed, rc=-2 try again in 5 seconds WiFiClientSecure SSL error: Chain could not be linked to a trust anchor. Attempting MQTT connection........scandone state: 0 -> 2 (b0) .state: 2 -> 3 (0) state: 3 -> 5 (10) add 0 aid 1 cnt .. connected with Corporate Tenant Wifi, channel 6 dhcp client start... ..ip:10.172.203.27,mask:255.255.254.0,gw:10.172.202.1 . WiFi connected IP address: 10.172.203.27 Heap: 40088 Failed to open cert file cert not loaded Failed to open private cert file private key not loaded Failed to open ca ca failed Heap: 40088 Attempting MQTT connection...failed, rc=-2 try again in 5 seconds WiFiClientSecure SSL error: Chain could not be linked to a trust anchor. Attempting MQTT connection...failed, rc=-2 try again in 5 seconds WiFiClientSecure SSL error: Chain could not be linked to a trust anchor. Attempting MQTT connection...failed, rc=-2 try again in 5 seconds WiFiClientSecure SSL error: Chain could not be linked to a trust anchor. Attempting MQTT connection...failed, rc=-2 try again in 5 seconds WiFiClientSecure SSL error: Chain could not be linked to a trust anchor. Attempting MQTT connection...failed, rc=-2 try again in 5 seconds WiFiClientSecure SSL error: Chain could not be linked to a trust anchor. Attempting MQTT connection...failed, rc=-2 try again in 5 seconds WiFiClientSecure SSL error: Chain could not be linked to a trust anchor. Attempting MQTT connection...failed, rc=-2 try again in 5 seconds WiFiClientSecure SSL error: Chain could not be linked to a trust anchor. Attempting MQTT connection...failed, rc=-2 try again in 5 seconds WiFiClientSecure SSL error: Chain could not be linked to a trust anchor. Attempting MQTT connection...failed, rc=-2 try again in 5 seconds WiFiClientSecure SSL error: Chain could not be linked to a trust anchor.
Hi can you please reply my error IAM TRYING TO CONNECT MY NODE MCU WITH AWS IOT CORE i was unable to open the cert files unable to open them
my code is compiled
the sourse code is
#include "FS.h" #include <ESP8266WiFi.h> #include <NTPClient.h> #include <WiFiUdp.h> #include <PubSubClient.h> // Update these with values suitable for your network. const char* ssid = "my wifi"; const char* password = "password123"; WiFiUDP ntpUDP; NTPClient timeClient(ntpUDP, "pool.ntp.org"); const char* AWS_endpoint = "our aws end point "; //MQTT broker ip//this is my private aws end point server void callback(char* topic, byte* payload, unsigned int length) { Serial.print("Message arrived ["); Serial.print(topic); Serial.print("] "); for (int i = 0; i<length; i++) { Serial.print((char)payload[i]); } Serial.println(); } WiFiClientSecure espClient; PubSubClient client(AWS_endpoint, 8883, callback, espClient); //set MQTT port number to 8883 as per //standard long lastMsg = 0; char msg[50]; int value = 0; void setup_wifi() { delay(10); // We start by connecting to a WiFi network espClient.setBufferSizes(512, 512); Serial.println(); Serial.print("Connecting to "); Serial.println(ssid); WiFi.begin(ssid, password); while (WiFi.status() != WL_CONNECTED) { delay(500); Serial.print("."); } Serial.println(""); Serial.println("WiFi connected"); Serial.println("IP address: "); Serial.println(WiFi.localIP()); timeClient.begin(); while(!timeClient.update()){ timeClient.forceUpdate(); } espClient.setX509Time(timeClient.getEpochTime()); } void reconnect() { // Loop until we're reconnected while (!client.connected()) { Serial.print("Attempting MQTT connection..."); // Attempt to connect if (client.connect("ESPthing")) { Serial.println("connected"); // Once connected, publish an announcement... client.publish("outTopic", "hello world"); // ... and resubscribe client.subscribe("inTopic"); } else { Serial.print("failed, rc="); Serial.print(client.state()); Serial.println(" try again in 5 seconds"); char buf[256]; espClient.getLastSSLError(buf,256); Serial.print("WiFiClientSecure SSL error: "); Serial.println(buf); // Wait 5 seconds before retrying delay(5000); } } } void setup() { Serial.begin(115200); Serial.setDebugOutput(true); // initialize digital pin LED_BUILTIN as an output. pinMode(LED_BUILTIN, OUTPUT); setup_wifi(); delay(1000); if (!SPIFFS.begin()) { Serial.println("Failed to mount file system"); return; } Serial.print("Heap: "); Serial.println(ESP.getFreeHeap()); // Load certificate file File cert = SPIFFS.open("/cert.der", "r"); //replace cert.crt eith your uploaded file name if (!cert) { Serial.println("Failed to open cert file"); } else Serial.println("Success to open cert file"); delay(1000); if (espClient.loadCertificate(cert)) Serial.println("cert loaded"); else Serial.println("cert not loaded"); // Load private key file File private_key = SPIFFS.open("/private.der", "r"); //replace private eith your uploaded file name if (!private_key) { Serial.println("Failed to open private cert file"); } else Serial.println("Success to open private cert file"); delay(1000); if (espClient.loadPrivateKey(private_key)) Serial.println("private key loaded"); else Serial.println("private key not loaded"); // Load CA file File ca = SPIFFS.open("/ca.der", "r"); //replace ca eith your uploaded file name if (!ca) { Serial.println("Failed to open ca "); } else Serial.println("Success to open ca"); delay(1000); if(espClient.loadCACert(ca)) Serial.println("ca loaded"); else Serial.println("ca failed"); Serial.print("Heap: "); Serial.println(ESP.getFreeHeap()); } void loop() { if (!client.connected()) { reconnect(); } client.loop(); long now = millis(); if (now - lastMsg<2000) { lastMsg = now; ++value; snprintf (msg, 75, "{"message": "hello world #%ld"}", value); Serial.print("Publish message: "); Serial.println(msg); client.publish("outTopic", msg); Serial.print("Heap: "); Serial.println(ESP.getFreeHeap()); //Low heap can cause problems } digitalWrite(LED_BUILTIN, HIGH); // turn the LED on (HIGH is the voltage level) delay(100); // wait for a second digitalWrite(LED_BUILTIN, LOW); // turn the LED off by making the voltage LOW delay(100); // wait for a second }
i downloaded open ssl and converted the certficates into pem to der format
after that i installed esp8266 sketch book required zip file and uplaoded my certicates
i attached the output image below
and still iam getting the same error i was unable to connect the certficates i mean unable to load the certficates
connected with Corporate Tenant Wifi, channel 6 dhcp client start... ..ip:10.172.203.27,mask:255.255.254.0,gw:10.172.202.1 . WiFi connected IP address: 10.172.203.27 Heap: 40088 Failed to open cert file cert not loaded Failed to open private cert file private key not loaded Failed to open ca ca failed Heap: 40088 Attempting MQTT connection...failed, rc=-2 try again in 5 seconds WiFiClientSecure SSL error: Chain could not be linked to a trust anchor. Attempting MQTT connection...failed, rc=-2 try again in 5 seconds WiFiClientSecure SSL error: Chain could not be linked to a trust anchor. Attempting MQTT connection...failed, rc=-2 try again in 5 seconds WiFiClientSecure SSL error: Chain could not be linked to a trust anchor. Attempting MQTT connection...failed, rc=-2 try again in 5 seconds
@Elie4 I'm getting the same error, How is your problem resolved?
hey brother do you solve this error
The only thing I can think of is1. verify you have enabled or a activated the certs in AWS.2. verify that your data directory for the certs is in same directory as yout .ino .3. Else, please recheck your steps.Goid luck
Sent from Yahoo Mail on Android
On Tue, May 17, 2022 at 8:55 AM, Sai kishore @.***> wrote:
@Elie4 I'm getting the same error, How is your problem resolved?
hey brother do you solve this error
— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you commented.Message ID: @.***>
Above is not correct I believe, it should be afdlkajfj.der not afdlkajfj .der.der On Tuesday, May 17, 2022, 10:44:22 AM CDT, S B @.***> wrote:
The only thing I can think of is1. verify you have enabled or a activated the certs in AWS.2. verify that your data directory for the certs is in same directory as yout .ino .3. Else, please recheck your steps.Goid luck
Sent from Yahoo Mail on Android
On Tue, May 17, 2022 at 8:55 AM, Sai kishore @.***> wrote:
@Elie4 I'm getting the same error, How is your problem resolved?
hey brother do you solve this error
— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you commented.Message ID: @.***>