Connecting to AWS IoT from .NET Core via M2MQTT
I managed to manually create the AWS IoT configuration, download the certificates, and create a console application that can subscribe to a topic. I am now trying to automate the creation of things, which results in AWS providing the certificate keys as strings. I don't know how to use these. I have downloaded the root CA, which I think I use for all my things.
My file-based certificate subscriber looks like this:
Console.WriteLine("AWS IOT Dotnet core message listener starting");
string iotendpoint = "blahblah-ats.iot.ap-southeast-2.amazonaws.com";
int BrokerPort = 8883;
string Topic = "topic_1/";
var CaCert = X509Certificate.CreateFromCertFile(@"root-CA.crt");
var ClientCert = new X509Certificate2(@"device.pfx", "password");
var IotClient = new MqttClient(iotendpoint, BrokerPort, true, CaCert, ClientCert, MqttSslProtocols.TLSv1_2);
try
{
IotClient.Connect(Guid.NewGuid().ToString());
Console.WriteLine("Connected to AWS IOT");
IotClient.MqttMsgPublishReceived += Client_MqttMsgPublishReceived;
IotClient.MqttMsgSubscribed += Client_MqttMsgSubscribed;
IotClient.Subscribe(new string[] { Topic }, new byte[] { MqttMsgBase.QOS_LEVEL_AT_LEAST_ONCE });
Console.ReadLine();
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
return;
}
To load the certificate from the file, I tried the following:
var keyText = File.ReadAllText("keys.json");
var keys = JsonConvert.DeserializeObject<Keys>(keyText);
var bytes = Encoding.ASCII.GetBytes(keys.PrivateKey.ToCharArray());
var ClientCert = new X509Certificate2(bytes);
And the keys from AWS in the json file:
{
"PrivateKey": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEA4mh2PQ581XN9BmoCvDjlaktm/6gQgqGBItZThcQVMTjveU8H\npjOU2E/9lq7vmdO+96NuuMr9MKtFD+ZWtVExLjMq9hH0MvIvosVt9+6Ggcwz7Kdr\nigprfBMVORV0rgcK+nsd2DmBNrs339fqbTn5UAIFFBpqkNReW7LMl9h6g8hu4aYQ\nJTohDwSmgmNJKlzMJGtVfPggqt+bBi3lUf9NEOEz...
-----END RSA PRIVATE KEY-----\n",
"PublicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mh2PQ581XN9BmoCvDjl\naktm/6gQgqGBItZThcQVMTjveU8HpjOU2E/9lq7vmdO+96NuuMr9MKtFD+ZWtVEx\nLjMq9hH0MvIvosVt9+6Ggcwz7K...
-----END PUBLIC KEY-----\n"
}
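I get an error when loading the certificate:
An unhandled exception of type 'Internal.Cryptography.CryptoThrowHelper.WindowsCryptographicException' occurred in System.Security.Cryptography.X509Certificates.dll: 'Cannot find the requested object.'
Can anyone see anything obviously wrong here? I don't understand
Update:
Using the PEM text generated by the AWS SDK is more correct, but I still get an error on connect - M2MQTT says there is a certificate problem, it has no private key. Does it need one?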
var pemText = File.ReadAllText("thing.crt");
var bytes = Encoding.ASCII.GetBytes(pemText);
var ClientCert = new X509Certificate2(bytes);
The final cobbled-together solution looks like this:
var keyText = File.ReadAllText("keys.json"); // saved from AWS SDK when creating IoT Cert.
var keys = JsonConvert.DeserializeObject<Keys>(keyText);
var rsa = RsaHelper.PrivateKeyFromPem(keys.PrivateKey);
var pemText = File.ReadAllText("thing.crt");
var bytes = Encoding.ASCII.GetBytes(pemText);
var ClientCert = new X509Certificate2(bytes);
ClientCert = ClientCert.CopyWithPrivateKey(rsa);
ClientCert = new X509Certificate2(ClientCert.Export(X509ContentType.Pfx,"12345678"), "12345678");
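The last trick of exporting and importing the PFX is there to get around the error: "No credentials are available in the security package"
Sidebar - why do we (as an industry) always make something conceptually simple so complicated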
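An added example, not part of the original post: the same PEM-to-client-certificate step done with only built-in .NET APIs. It assumes .NET 6 or later; the post's RsaHelper is not shown on the page, so `X509Certificate2.CreateFromPem` is swapped in for it, and the class name `PemClientCert`, the method `FromPem` and the self-signed sample certificate are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class PemClientCert
{
    // Build a client certificate that carries its private key from two PEM strings,
    // such as the certificate PEM and the "PrivateKey" value stored in keys.json.
    public static X509Certificate2 FromPem(string certPem, string privateKeyPem)
    {
        // Pairs the certificate with the key; throws if the key does not match.
        using var ephemeral = X509Certificate2.CreateFromPem(certPem, privateKeyPem);
        // PFX export/import round trip from the post, used there to get past
        // "No credentials are available in the security package".
        // A random one-time password replaces the hard-coded "12345678".
        string pw = Convert.ToBase64String(RandomNumberGenerator.GetBytes(24));
        return new X509Certificate2(ephemeral.Export(X509ContentType.Pfx, pw), pw);
    }

    static void Main()
    {
        // Constructed sample input: a throwaway self-signed certificate and key,
        // PEM-encoded in memory, standing in for the strings AWS returns.
        using var rsa = RSA.Create(2048);
        var req = new CertificateRequest("CN=constructed-thing", rsa,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using var selfSigned = req.CreateSelfSigned(
            DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(1));
        string certPem = new string(PemEncoding.Write("CERTIFICATE", selfSigned.RawData));
        string keyPem = new string(
            PemEncoding.Write("RSA PRIVATE KEY", rsa.ExportRSAPrivateKey()));

        // Certificate PEM alone: the "it has no private key" case from the update.
        using var certOnly = new X509Certificate2(
            System.Text.Encoding.ASCII.GetBytes(certPem));
        Console.WriteLine($"certificate only:  HasPrivateKey={certOnly.HasPrivateKey}");

        // Certificate plus key: this object is what goes to MqttClient as ClientCert.
        using var clientCert = FromPem(certPem, keyPem);
        Console.WriteLine($"certificate + key: HasPrivateKey={clientCert.HasPrivateKey}");
    }
}
```

Checking `HasPrivateKey` before connecting separates a certificate-loading problem from a TLS or policy problem on the broker side.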