Amazon web services AWS:使用带和不带WebSocket的MQTT连接
我正在学习AWS,我有一个Python脚本,只有在证书中没有附加任何策略的情况下才能工作。 下面是配置MQTT的部分代码:Amazon web services AWS:使用带和不带WebSocket的MQTT连接,amazon-web-services,websocket,mqtt,mosquitto,Amazon Web Services,Websocket,Mqtt,Mosquitto,我正在学习AWS,我有一个Python脚本,只有在证书中没有附加任何策略的情况下才能工作。 下面是配置MQTT的部分代码: def subscribeForDelta(self, parameterCallback): clientId = self.serial_number endpointAddress = boto3.client('iot').describe_endpoint() host = endpointAddress["endpointAdd
def subscribeForDelta(self, parameterCallback):
clientId = self.serial_number
endpointAddress = boto3.client('iot').describe_endpoint()
host = endpointAddress["endpointAddress"]
rootCAPath = '/home/pi/root-CA.crt'
certificatePath = '/home/pi/'+ self.serial_number+'.cert.pem'
privateKeyPath = '/home/pi/'+ self.serial_number+'.private.key'
thingName = self.serial_number
port = 443
myAWSIoTMQTTShadowClient = None
myAWSIoTMQTTShadowClient = AWSIoTMQTTShadowClient(clientId, useWebsocket=True)
myAWSIoTMQTTShadowClient.configureEndpoint(host, port)
myAWSIoTMQTTShadowClient.configureCredentials(rootCAPath)
myAWSIoTMQTTShadowClient.configureAutoReconnectBackoffTime(1, 32, 20)
myAWSIoTMQTTShadowClient.configureConnectDisconnectTimeout(10)
myAWSIoTMQTTShadowClient.configureMQTTOperationTimeout(5)
myAWSIoTMQTTShadowClient.connect()
deviceShadowHandler = myAWSIoTMQTTShadowClient.createShadowHandlerWithName(thingName, True)
shadowCallbackContainer_Bot = shadowCallbackContainer(deviceShadowHandler, parameterCallback)
deviceShadowHandler.shadowRegisterDeltaCallback(shadowCallbackContainer_Bot.customShadowCallback_Delta)
它在端口443使用WebSocket。
这里是我当前的策略文件:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"iot:Connect"
],
"Resource": [
"arn:aws:iot:us-east-2:<account>:client/<thing>"
]
},
{
"Effect": "Allow",
"Action": [
"iot:Publish"
],
"Resource": [
"arn:aws:iot:us-east-2:<account>:topic/$aws/things/<thing>/shadow/update",
"arn:aws:iot:us-east-2:<account>:topic/IoTData"
]
},
{
"Effect": "Allow",
"Action": [
"iot:GetThingShadow",
"iot:UpdateThingShadow"
],
"Resource": [
"arn:aws:iot:us-east-2:<account>:thing/<thing>",
"arn:aws:iot:us-east-2:<account>:thing/<thing>/shadow"
]
},
{
"Effect": "Allow",
"Action": [
"iot:Subscribe",
"iot:Receive"
],
"Resource": [
"arn:aws:iot:us-east-2:<account>:topicfilter/$aws/things/<thing>/shadow/update/accepted",
"arn:aws:iot:us-east-2:<account>:topicfilter/$aws/things/<thing>/shadow/update/rejected",
"arn:aws:iot:us-east-2:<account>:topicfilter/$aws/things/<thing>/shadow/update/delta"
]
}
]
}
使用此配置,它会超时:
Client 000000008c42325b sending CONNECT
Client 000000008c42325b sending CONNECT
Client 000000008c42325b sending CONNECT
Client 000000008c42325b sending CONNECT
Client 000000008c42325b sending CONNECT
Client 000000008c42325b sending CONNECT
Client 000000008c42325b sending CONNECT
...
但如果我将该策略附加到证书上,则情况正好相反:我可以使用mosquito成功发布/订阅,但不能使用Python脚本
我想用两种方法。
所以我首先尝试为websocket配置Mosquito_sub。表示对于MQTT w/websocket,端点URL为wss://iot-endpoint/mqtt
。但将其用作mosquitto_sub(和端口443)的-h
参数会返回查找错误
第一个问题:使用mosquitto\u sub
w/websockets的正确语法是什么
作为第二次尝试,我将Python脚本更改为使用端口8883,不使用WebSocket。但现在它不能再订阅了:
Error subscribing delta: OSError
[' File "myProject.py", line 390,
in loop myproject.subscribeForDelta(changeParameter)',
' File "/home/pi/ThingShadow.py", line 192,
in subscribeForDelta myAWSIoTMQTTShadowClient.configureCredentials(rootCAPath)',
' File "/usr/local/lib/python3.5/dist-packages/AWSIoTPythonSDK/MQTTLib.py", line 1046,
in configureCredentials self._AWSIoTMQTTClient.configureCredentials(CAFilePath, KeyPath, CertificatePath)',
' File "/usr/local/lib/python3.5/dist-packages/AWSIoTPythonSDK/MQTTLib.py", line 239,
in configureCredentials self._mqtt_core.configure_cert_credentials(cert_credentials_provider)',
' File "/usr/local/lib/python3.5/dist-packages/AWSIoTPythonSDK/core/protocol/mqtt_core.py", line 132,
in configure_cert_credentials self._internal_async_client.set_cert_credentials_provider(cert_credentials_provider)',
' File "/usr/local/lib/python3.5/dist-packages/AWSIoTPythonSDK/core/protocol/internal/clients.py", line 84,
in set_cert_credentials_provider cert_reqs=ssl.CERT_REQUIRED, tls_version=ssl.PROTOCOL_SSLv23)',
' File "/usr/local/lib/python3.5/dist-packages/AWSIoTPythonSDK/core/protocol/paho/client.py", line 617,
in tls_set raise IOError(certfile+": "+err.strerror)']
第二个问题:我不清楚策略文件的作用以及为什么这两种连接方法相互排斥
Error subscribing delta: OSError
[' File "myProject.py", line 390,
in loop myproject.subscribeForDelta(changeParameter)',
' File "/home/pi/ThingShadow.py", line 192,
in subscribeForDelta myAWSIoTMQTTShadowClient.configureCredentials(rootCAPath)',
' File "/usr/local/lib/python3.5/dist-packages/AWSIoTPythonSDK/MQTTLib.py", line 1046,
in configureCredentials self._AWSIoTMQTTClient.configureCredentials(CAFilePath, KeyPath, CertificatePath)',
' File "/usr/local/lib/python3.5/dist-packages/AWSIoTPythonSDK/MQTTLib.py", line 239,
in configureCredentials self._mqtt_core.configure_cert_credentials(cert_credentials_provider)',
' File "/usr/local/lib/python3.5/dist-packages/AWSIoTPythonSDK/core/protocol/mqtt_core.py", line 132,
in configure_cert_credentials self._internal_async_client.set_cert_credentials_provider(cert_credentials_provider)',
' File "/usr/local/lib/python3.5/dist-packages/AWSIoTPythonSDK/core/protocol/internal/clients.py", line 84,
in set_cert_credentials_provider cert_reqs=ssl.CERT_REQUIRED, tls_version=ssl.PROTOCOL_SSLv23)',
' File "/usr/local/lib/python3.5/dist-packages/AWSIoTPythonSDK/core/protocol/paho/client.py", line 617,
in tls_set raise IOError(certfile+": "+err.strerror)']