AWS Test Host exception

Designer · April 1, 2020, 4:00am

Following the GHI AWS Example

This is my ARN with the Customer ID replaced

        var iotArnString = "arn:aws:iot:us-east-1:000000000000:thing/Device1";
        var iotPort = 8883;
        var deviceId = "Device1";

I get an exception on connect

        var connectCode = iotClient.Connect(connectSetting);

Exception System.InvalidOperationException - CLR_E_INVALID_OPERATION (1)

#### Message: 
#### GHIElectronics.TinyCLR.Devices.Network.Provider.NetworkControllerApiWrapper::GetHostByName [IP: 0000] ####
#### System.Net.Dns::GetHostEntry [IP: 000b] ####
#### GHIElectronics.TinyCLR.Networking.Mqtt.MqttStream::.ctor [IP: 000d] ####
#### GHIElectronics.TinyCLR.Networking.Mqtt.Mqtt::.ctor [IP: 005e] ####
#### AWSTest.Program::DoTestAwsMqtt [IP: 0098] ####
#### AWSTest.Program::Main [IP: 000c] ####

Exception thrown: ‘System.InvalidOperationException’ in GHIElectronics.TinyCLR.Devices.Network.dll
An unhandled exception of type ‘System.InvalidOperationException’ occurred in GHIElectronics.TinyCLR.Devices.Network.dll

Anyone run into this ?

Dat_Tran · April 1, 2020, 12:07pm

can you please try catch that exception?

Designer · April 2, 2020, 2:30am

static void DoTestAwsMqtt()
{
var iotArnString = “arn:aws:iot:us-east-1:000000000000:thing/Device1”;
var iotPort = 8883;
var deviceId = “Device1”;

var topicShadowUpdate = string.Format("$aws/things/{0}/shadow/update", deviceId);
var topicShadowGet = string.Format("$aws/things/{0}/shadow/get", deviceId);

var message = "{\"state\":{\"desired\":{\"My message\":\"From my test \"}}}";

var caCertSource = UTF8Encoding.UTF8.GetBytes(@"...");

var clientCertSource = UTF8Encoding.UTF8.GetBytes(@"...");

var privateKeyData = UTF8Encoding.UTF8.GetBytes(@"...");

X509Certificate CaCert = new X509Certificate(caCertSource);
X509Certificate ClientCert = new X509Certificate(clientCertSource);

ClientCert.PrivateKey = privateKeyData;

var clientSetting = new MqttClientSetting
{
    BrokerName = iotArnString,
    BrokerPort = iotPort,
    CaCertificate = CaCert,
    ClientCertificate = ClientCert,
    SslProtocol = System.Security.Authentication.SslProtocols.Tls12
};


Mqtt iotClient = null;

try
{
    iotClient = new Mqtt(clientSetting);
    iotClient.PublishReceivedChanged += (a, b) =>
    {
        Debug.WriteLine("Received message: " + Encoding.UTF8.GetString(b.Data));
    };


    iotClient.SubscribedChanged += (a, b) => { Debug.WriteLine("Subscribed"); };

    var connectSetting = new MqttConnectionSetting
    {
        ClientId = deviceId,
        UserName = null,
        Password = null
    };

    var connectCode = iotClient.Connect(connectSetting);

    ushort packetId = 1;

    iotClient.Subscribe(new string[] { topicShadowGet }, new QoSLevel[]
        { QoSLevel.LeastOnce }, packetId++);

    iotClient.Publish(topicShadowUpdate, Encoding.UTF8.GetBytes(message),
        QoSLevel.MostOnce, false, packetId++);

}
catch (Exception e)
{
    Debug.WriteLine(e.Message);
}

}

Dat_Tran · April 2, 2020, 12:16pm

Your string

var iotArnString = “arn:aws:iot:us-east-1:000000000000:thing/Device1”

look weird to me. I don’t think it inclucde “:thing/Device1”.

The string should have “xxxxxxxxxxxxxxxxxxxxxxxxxxxx.amazonaws.com”;

Designer · April 6, 2020, 2:13pm

Thanks Dat - I have connected now.

I will push some tweaks to the document, once I am done.

RoSchmi · April 19, 2020, 1:23pm

Hello, I’m also exploring the GHI AWS example and got the basic functions working on the SC20260 Board.

How far did you come?

To test all the functions I would like to have a AWS MQTT Client as a Windows PC Program but yet couldn’t find a suitable Application (couldn’t manage to connect to the AWS IoT-Service).
Can anyone give a recommendation and perhaps help how to handle the certificates?

Designer · April 19, 2020, 4:58pm

MQTT.fx is a good tool for testing

http://mqttfx.jensd.de/index.php

RoSchmi · April 19, 2020, 6:18pm

Thank you. Can you please give me an advice, which certificates I have to use and where they must be selected in the different options of mqtt.fx?

Designer · April 19, 2020, 7:40pm

I did start to write a complete document on this, unfortunately I have been occupied in supporting our teams to continue to deliver work over the COVID lockdown. Will attempt over the week.

For now

Select “Self signed certificates”

CA File - VeriSign-Class 3-Public-Primary-Certification-Authority-G5.pem file (download from AWS)
Client Certificate File - Your device certificate.pem.crt from AWS
Client Key File - Your device private.pem.key from AWS

RoSchmi · April 20, 2020, 8:06am

Thanks @Designer . I finally got the connection to the AWS IoT broker using the PC Application MQTT.fx (changed url like: a5u5zbsapbo9mi-ats.iot.eu-central-1.amazonaws.com ) with the following settings:

CA File - AmazonRootCA1.crt
Client Certificate File - My device certificate.pem.crt like: c4c37b4fbe-certificate.pem.crt

The device key that I got from AWS (like: c4c37b4fbe-private.pem.key) had to be converted to PKCS8 format using the openssl command:
openssl pkcs8 -topk8 -inform PEM -outform DER -in private_key_file -nocrypt > pkcs8_key