search

Azure / azure-iot-sdk-c

A C99 SDK for connecting devices to Microsoft Azure IoT services
https://azure.github.io/azure-iot-sdk-c
Other
587 stars 739 forks source link

Func:send_handshake_bytes Line:734 error:14090086:SSL routines:ssl3_get_server_certificate #2407

Closed sayajiraow closed 1 year ago

sayajiraow commented 1 year ago

image

I have built the azure-iot-sdk-c sample application iothub_ll_c2d_sample on the ARM architecture. While connection to the iot hub I am getting the errors as below.

Creating IoTHub Device handle Info: Input parameter connectionString HostName=IotHubSayaji.azure-devices.net;DeviceId=SayajiIotDevice;SharedAccessKey=eVFEDsNPwJGB0vIb0zM/d0Cv02kjRiTY2pbSNGFfLL8= Waiting for message to be sent to device (will quit after 3 messages) Error: Time:Sat Oct 17 08:33:49 2020 File:/home/sayajiraow/azure-iot-sdk-c/c-utility/adapters/tlsio_openssl.c Func:send_handshake_bytes Line:734 error:14090086:SSL routines:ssl3_get_server_certificate:cd Error: Time:Sat Oct 17 08:33:49 2020 File:/home/sayajiraow/azure-iot-sdk-c/umqtt/src/mqtt_client.c Func:onOpenComplete Line:452 Error: failure opening connection to endpoint Error: Time:Sat Oct 17 08:33:49 2020 File:/home/sayajiraow/azure-iot-sdk-c/c-utility/adapters/tlsio_openssl.c Func:send_handshake_bytes Line:734 error:14090086:SSL routines:ssl3_get_server_certificate:cd Error: Time:Sat Oct 17 08:33:49 2020 File:/home/sayajiraow/azure-iot-sdk-c/umqtt/src/mqtt_client.c Func:onOpenComplete Line:452 Error: failure opening connection to endpoint

Please guide me how to resolve this issue. Thanks in advance

ericwolz commented 1 year ago

Is the Trusted Root Certificates installed? sudo update-ca-certificates

sayajiraow commented 1 year ago

Here is the output of update-ca-certificates

root@kivi-sta1295-boot-m3os-from-m3xl-evb-mmc:/usr/bin# update-ca-certificates Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done. Running hooks in /etc/ca-certificates/update.d... done.

It is obvious that the CA certificates are not getting updated. It means the certificates are up to date. Then what could be the reason for this issue? My Azure Iot hub is in Central india region. Does it cause any difference in certificates?

ericwolz commented 1 year ago

You can use openssl to dump the service TLS certs to verify.

openssl s_client -showcerts -connect YOUR_IOT_HUB:8883

ericwolz commented 1 year ago

Did you do sudo apt-get install ca-certificates before calling sudo update-ca-certificates

sayajiraow commented 1 year ago

The issue has been resolved. The issue was not because of the certificate but it was because of incorrect date and time of the machine on which I was executing the application. After correcting the date and time of the machine the application succeeded in conecting to iothub.

Thanks for your support.