NodeMCU/ESP8266安全发布到Azure IoT
我正在尝试实现一个基本的传感器到云系统,通过RESTful HTTP/HTTPS POST将数据从ESP8266微控制器发送到Azure IoT云 使用NodeMCU Lua解释器 为了简洁起见,我省略了实际读取传感器并连接到WiFi LAN的代码。这些工作正常 我已经成功地将HTTP帖子发送到UbiDots,但我无法让Azure工作-我认为强制HTTPS是我无法工作的部分 我已经生成了一个SAS令牌,设置了Azure IoT Hub,我非常确定HTTP头是正确的,授权行包含在我从Azure IoT Hub explorer工具生成的SAS中 ==编辑===NodeMCU/ESP8266安全发布到Azure IoT,azure,ssl,lua,esp8266,nodemcu,Azure,Ssl,Lua,Esp8266,Nodemcu,我正在尝试实现一个基本的传感器到云系统,通过RESTful HTTP/HTTPS POST将数据从ESP8266微控制器发送到Azure IoT云 使用NodeMCU Lua解释器 为了简洁起见,我省略了实际读取传感器并连接到WiFi LAN的代码。这些工作正常 我已经成功地将HTTP帖子发送到UbiDots,但我无法让Azure工作-我认为强制HTTPS是我无法工作的部分 我已经生成了一个SAS令牌,设置了Azure IoT Hub,我非常确定HTTP头是正确的,授权行包含在我从Azure I
My NodeMCU build is as follows:
NodeMCU custom build by frightanic.com
branch: dev
commit: 5e1ca234cce36f251edd78dc3d5a5ce4d4c76a59
SSL: true
modules: adc,crypto,ds18b20,file,gpio,http,hx711,net,node,ow,sntp,tmr,uart,wifi,tls
build created on 2018-04-26 07:02
powered by Lua 5.1.4 on SDK 2.2.1(cfd48f3)
function postHTTPWebService(name1, val1, name2, val2, name3, val3, name4, val4)
tls.cert.verify([[
-----BEGIN CERTIFICATE-----
-- certificate mostly redacted
MIIFtDCCBJygAwIBAgIQCLh6UBu+nNotFk0+OVG/VTANBgkqhkiG9w0BAQsFADBa
86Qho5jQenT2jOjD0iuqK84RWRlE51wHCULr1/0VTblvbEQ1Joe6oztosIHnIMl/
EwLzzKufHJVQy65kgLuHCl3OpmuyfeM9NuIpUbcl/NAJ47CtxGIuPn6FJrL2r/dt
N2UI+5Gz6BZ2YSpl9ViUs0UB78BPA3u4
-----END CERTIFICATE-----
]])
tls.cert.verify(true)
azure_url =
"https://" .. AZURE_HUB .. ".azure-devices.net/devices/" ..
AZURE_DEVICE .. "/messages/events?api-version=" .. AZURE_API
azure_payload = json(name1, val1, name2, val2, name3, val3, name4, val4)
azure_headers =
"Authorization: " .. SAS_TOKEN .. "\r\n" ..
"Content-Type: application/json\r\n" ..
"Content-Length: " .. string.len(azure_payload) .. "\r\n" ..
"Host: " .. AZURE_HUB .. ".azure-devices.net\r\n\n"
http.post(azure_url, azure_headers, azure_payload,
function(return_status, return_payload)
if (return_status < 0) then -- big fail, no HTTP return at all
print("HTTP request failed")
elseif (return_status == 200) then
print(return_payload)
print("Got HTTP 200 return - entering deep sleep")
node.dsleep(DEEPSLEEP_TIME)
else
-- There are many HTTP codes which are valid but still unsuccessful
print("Got valid return status - not 200")
print(return_status, return_payload)
end
end)
end
tls.cert.verify(false)tls.cert.verify(false)E:M 264
E:M 1520
E:M 1520
HTTP client: Disconnected with error: -16
HTTP client: Connection timeout
HTTP request failed
My NodeMCU build is as follows:
NodeMCU custom build by frightanic.com
branch: dev
commit: 5e1ca234cce36f251edd78dc3d5a5ce4d4c76a59
SSL: true
modules: adc,crypto,ds18b20,file,gpio,http,hx711,net,node,ow,sntp,tmr,uart,wifi,tls
build created on 2018-04-26 07:02
powered by Lua 5.1.4 on SDK 2.2.1(cfd48f3)
serv_addr = AZURE_HUB .. ".azure-devices.net"
tls.cert.verify(true)
connection:connect(443, serv_addr)
end
tls.cert.verify([[
-----BEGIN CERTIFICATE-----
foo blah blah blah here is the certificate generated
-----END CERTIFICATE-----
]])
tls.cert.verify(true)
AZURE_DEVICE = "MyAzureDeviceName"
AZURE_HUB = "myazureiothub"
AZURE_API = "2016-02-03"
SAS_TOKEN = "123AFthisisafaketokenC4%3D"
DEEPSLEEP_TIME = 60000000 -- 1 minute in microseconds
local module = {}
function format_json(variable1, value1, variable2, value2, variable3, value3, variable4, value4)
payload =
'{\"' .. variable1..'\": {"value": ' .. value1..'},\"'
.. variable2 .. '\": {"value": ' .. value2 .. '},\"'
.. variable3 .. '\": {"value": ' .. value3 .. '},\"'
.. variable4 .. '\": {"value": ' .. value4 .. '}}'
return payload
end
function postHTTPWebService(name1, value1, name2, value2, name3, value3, name4, value4)
connection = tls.createConnection(net.TCP, 0)
connection:on("receive", function(connection, payload)
if (string.find(payload, "200 OK") ~= nil) then
print("HTTP 200 received - OK");
connection:close();
collectgarbage();
node.dsleep(DEEPSLEEP_TIME)
else
print("HTTP Return Error")
print(payload) -- print the HTTP status returned.
end
end)
connection:on("connection", function(connection, payload)
data = format_json(name1, value1, name2, value2, name3, value3, name4, value4)
local post = "POST /devices/" .. AZURE_HUB .. "/messages/events?api-version=" .. AZURE_API .. " HTTP/1.1\r\n" ..
"Host: " .. AZURE_HUB .. ".azure-devices.net\r\n" ..
"Authorization: SharedAccessSignature " .. SAS_TOKEN .. "\r\n" ..
"Content-Type: application/json\r\n" ..
"Content-Length: " .. string.len(data) .. "\r\n" ..
"\r\n" .. data .. "\n"
print(post) -- print the full HTTP payload for debugging
connection:send(post)
print("HTTP POST sent.")
end)
connection:on("disconnection", function(connection, payload)
connection:close();
collectgarbage();
end)
serv_addr = AZURE_HUB .. ".azure-devices.net"
tls.cert.verify(true)
connection:connect(443, serv_addr)
end
function readSensors()
value1 = 1 -- Dummy sensor data for testing
value2 = 2
value3 = 3
value4 = 4
postHTTPWebService("sensor1", value1, "sensor2", value2, "sensor3", value3, "sensor4", value4)
end
local function main_function()
-- Wait a second, then run the sensor function
tmr.alarm(3, 1000, tmr.ALARM_SINGLE, function() readSensors() end)
end
function module.start()
main_function()
end
return module
如果将cert.verify切换为false,会发生什么情况?要使验证成功,您的设备需要有签署*.azure-devices.net证书的根CA。通常有一个助手二进制文件将多个根CA闪存到设备闪存上,至少ATWINC1500是这样,不知道ESP。远程设备可能没有通用密码套件。您可以通过ssllabs.com运行遥控器并进行比较。但不确定如何获取设备支持的密码。。一种方法是在www模式下运行一个简单的openssl s_服务器,看看在握手中宣传了什么。我可以在我的PC上运行openssl s_客户端-showcerts-connect myiothub.azure devices.net:8883,对吗?这是获得证书的正确方法吗?是的。应该是第一个,由巴尔的摩Cybertrust根颁发的证书。我已经尝试了这两个证书(CN=巴尔的摩Cybertrust根是列表中的第二个吗?),但两种方式都不起作用。
AZURE_DEVICE = "MyAzureDeviceName"
AZURE_HUB = "myazureiothub"
AZURE_API = "2016-02-03"
SAS_TOKEN = "123AFthisisafaketokenC4%3D"
DEEPSLEEP_TIME = 60000000 -- 1 minute in microseconds
local module = {}
function format_json(variable1, value1, variable2, value2, variable3, value3, variable4, value4)
payload =
'{\"' .. variable1..'\": {"value": ' .. value1..'},\"'
.. variable2 .. '\": {"value": ' .. value2 .. '},\"'
.. variable3 .. '\": {"value": ' .. value3 .. '},\"'
.. variable4 .. '\": {"value": ' .. value4 .. '}}'
return payload
end
function postHTTPWebService(name1, value1, name2, value2, name3, value3, name4, value4)
connection = tls.createConnection(net.TCP, 0)
connection:on("receive", function(connection, payload)
if (string.find(payload, "200 OK") ~= nil) then
print("HTTP 200 received - OK");
connection:close();
collectgarbage();
node.dsleep(DEEPSLEEP_TIME)
else
print("HTTP Return Error")
print(payload) -- print the HTTP status returned.
end
end)
connection:on("connection", function(connection, payload)
data = format_json(name1, value1, name2, value2, name3, value3, name4, value4)
local post = "POST /devices/" .. AZURE_HUB .. "/messages/events?api-version=" .. AZURE_API .. " HTTP/1.1\r\n" ..
"Host: " .. AZURE_HUB .. ".azure-devices.net\r\n" ..
"Authorization: SharedAccessSignature " .. SAS_TOKEN .. "\r\n" ..
"Content-Type: application/json\r\n" ..
"Content-Length: " .. string.len(data) .. "\r\n" ..
"\r\n" .. data .. "\n"
print(post) -- print the full HTTP payload for debugging
connection:send(post)
print("HTTP POST sent.")
end)
connection:on("disconnection", function(connection, payload)
connection:close();
collectgarbage();
end)
serv_addr = AZURE_HUB .. ".azure-devices.net"
tls.cert.verify(true)
connection:connect(443, serv_addr)
end
function readSensors()
value1 = 1 -- Dummy sensor data for testing
value2 = 2
value3 = 3
value4 = 4
postHTTPWebService("sensor1", value1, "sensor2", value2, "sensor3", value3, "sensor4", value4)
end
local function main_function()
-- Wait a second, then run the sensor function
tmr.alarm(3, 1000, tmr.ALARM_SINGLE, function() readSensors() end)
end
function module.start()
main_function()
end
return module