aws / aws-iot-device-sdk-embedded-C

SDK for connecting to AWS IoT from a device using embedded C.
MIT License
979 stars 630 forks source link

Error trying to run shadow_demo_main #1804

Closed JustinBerger closed 2 years ago

JustinBerger commented 2 years ago

Running on ubuntu inside wsl2 inside windows 11, just in case it matters.

cmake -S . -Bbuild -DAWS_IOT_ENDPOINT="my-endpoint.iot.us-east-1.amazonaws.com" -DCLIENT_CERT_PATH=".certs/certificate.pem.crt" -DCLIENT_PRIVATE_KEY_PATH=".certs/private.pem.key" -DTHING_NAME="Device-Name" -DROOT_CA_CERT_PATH=".certs/AmazonRootCA1.pem"

running shadow_demo_main (after realizing I got THING_NAME wrong the first pass)

[INFO] [SHADOW_DEMO] [shadow_demo_helpers.c:392] Establishing a TLS session to my-endpoint.iot.us-east-1.amazonaws.com:8883.
[INFO] [MQTT] [core_mqtt.c:885] Packet received. ReceivedBytes=2.
[INFO] [MQTT] [core_mqtt_serializer.c:970] CONNACK session present bit not set.
[INFO] [MQTT] [core_mqtt_serializer.c:912] Connection accepted.
[INFO] [MQTT] [core_mqtt.c:1565] Received MQTT CONNACK successfully from broker.
[INFO] [MQTT] [core_mqtt.c:1831] MQTT connection established with the broker.
[INFO] [SHADOW_DEMO] [shadow_demo_helpers.c:683] MQTT connection successfully established with broker.
[INFO] [SHADOW_DEMO] [shadow_demo_helpers.c:710] A clean MQTT connection is established. Cleaning up all the stored outgoing publishes.
[INFO] [SHADOW_DEMO] [shadow_demo_helpers.c:793] SUBSCRIBE topic $aws/things/Device-Name/shadow/delete/accepted to broker.
[ERROR] [Transport_OpenSSL_Sockets] [openssl_posix.c:843] Failed to receive data over network: SSL_read failed: ErrorStatus=EVP lib.
[ERROR] [MQTT] [core_mqtt_serializer.c:2400] A single byte was not read from the transport: transportStatus=-1.
[ERROR] [MQTT] [core_mqtt.c:1321] Receiving incoming packet length failed. Status=MQTTRecvFailed
[ERROR] [MQTT] [core_mqtt.c:2193] Exiting process loop due to failure: ErrorStatus=MQTTRecvFailed
[ERROR] [SHADOW_DEMO] [shadow_demo_helpers.c:809] MQTT_ProcessLoop returned with status = 4.
[INFO] [MQTT] [core_mqtt.c:2151] Disconnected from the broker.
[INFO] [SHADOW] [shadow_demo_main.c:906] Demo iteration 1 is successful.
[INFO] [SHADOW] [shadow_demo_main.c:925] Demo completed successfully.

Got an open policy set up.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "*",
      "Resource": "arn:aws:iot:us-east-1:my-accountId:client/${iot:Connection.Thing.ThingName}"
    },
    {
      "Effect": "Allow",
      "Action": "*",
      "Resource": "arn:aws:iot:us-east-1:my-accountId:client/${iot:Connection.Thing.ThingName}/*"
    }
  ]
}

Just not sure from documentation what to check next.

Activity report in console lists the disconnect with: "disconnectReason": "CLIENT_ERROR",

tianmc1 commented 2 years ago

Hi @JustinBerger , There are few things I'd recommend checking and trying.

  1. Make sure the certificate you use is attached to the IoT Thing.
  2. For debugging purpose, can you try using a "allow all" policy like below, so that we can narrow down whether this is a policy issue.
    {
    "Version": "2012-10-17",
    "Statement": [
    {
      "Effect": "Allow",
      "Action": "*",
      "Resource": "*"
    }
    ]
    }
JustinBerger commented 2 years ago
  1. Certificate is attached.
  2. Definitely a policy issue. I'll play around more and see if I can figure out what I'm doing wrong. Did manage to find the failures in the IoT logs in CloudWatch.

I wish the error message you got back from the library gave any kind of indication what was wrong, would greatly help tracking it down.

SeanYang-7 commented 11 months ago

image I have also encountered this problem now, am I missing any certificate?