From d13c3ceb6be6a1efc57e806b704a9b19a129982e Mon Sep 17 00:00:00 2001 From: sgkim Date: Sun, 6 Feb 2022 16:33:09 +0900 Subject: [PATCH] Change awscli create certificate command and change pubsub code, README.md --- .gitignore | 4 ++++ README.md | 8 +++++--- awsiotpub.py | 6 +++--- awsiotsub.py | 6 +++--- 4 files changed, 15 insertions(+), 9 deletions(-) diff --git a/.gitignore b/.gitignore index 1dbc687..96fc35f 100644 --- a/.gitignore +++ b/.gitignore @@ -60,3 +60,7 @@ target/ #Ipython Notebook .ipynb_checkpoints + +# key file +*.pem +*.key diff --git a/README.md b/README.md index 8218568..1810a61 100644 --- a/README.md +++ b/README.md @@ -3,11 +3,13 @@ ## Platforms supported I've tested the certificate creation commands only on Windows using the AWS CLI. I think they should work on the AWS CLI of other platforms. +If you need to AWS CLI set-up please check this link: [https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html] -My python programs run perfectly on: +This Python programs run perfectly on: - Raspberry PI 2 with Raspbian Jessie and Python 2.7 - Debian Jessie virtual machine with Python 2.7 - Windows with Python 3.4 installed by Conda +- Ubuntu 20.04 with Python 3.8 installed by Conda ## Create a thing, certifcate, keys and attaching them to enable usage of AWS IoT hub @@ -23,13 +25,13 @@ aws iot list-things ``` create certificate and keys: ``` -aws iot create-keys-and-certificate --set-as-active --certificate-pem-outfile cert.pem --public-key-outfile publicKey.pem --private-key-outfile privkey.pem +aws iot create-keys-and-certificate --set-as-active --certificate-pem-outfile myThingName.cert.pem --public-key-outfile myThingName.public.key --private-key-outfile myThingName.private.key ``` take note of the **certificate-arn** in the output or, if you forgot to copy the **certificate-arn** you can get it listing the certificates with: ``` aws iot list-certificates ``` -download root certificate from [this URL](https://www.symantec.com/content/en/us/enterprise/verisign/roots/VeriSign-Class%203-Public-Primary-Certification-Authority-G5.pem) using your browser and save it with filename: **aws-iot-rootCA.crt** +Download root certificate from [this URL](https://www.amazontrust.com/repository/AmazonRootCA1.pem) using your browser and save it with filename: **AmazonRootCA1.pem** create a policy from the file provided: ``` diff --git a/awsiotpub.py b/awsiotpub.py index ccf8e13..28c15f8 100644 --- a/awsiotpub.py +++ b/awsiotpub.py @@ -38,9 +38,9 @@ def on_message(client, userdata, msg): awsport = 8883 clientId = "myThingName" thingName = "myThingName" -caPath = "aws-iot-rootCA.crt" -certPath = "cert.pem" -keyPath = "privkey.pem" +caPath = "AmazonRootCA1.pem" +certPath = "myThingName.cert.pem" +keyPath = "myThingName.private.key" mqttc.tls_set(caPath, certfile=certPath, keyfile=keyPath, cert_reqs=ssl.CERT_REQUIRED, tls_version=ssl.PROTOCOL_TLSv1_2, ciphers=None) diff --git a/awsiotsub.py b/awsiotsub.py index 584f70b..817692c 100644 --- a/awsiotsub.py +++ b/awsiotsub.py @@ -35,9 +35,9 @@ def on_message(client, userdata, msg): awsport = 8883 clientId = "myThingName" thingName = "myThingName" -caPath = "aws-iot-rootCA.crt" -certPath = "cert.pem" -keyPath = "privkey.pem" +caPath = "AmazonRootCA1.pem" +certPath = "myThingName.cert.pem" +keyPath = "myThingName.private.key" mqttc.tls_set(caPath, certfile=certPath, keyfile=keyPath, cert_reqs=ssl.CERT_REQUIRED, tls_version=ssl.PROTOCOL_TLSv1_2, ciphers=None)