kstribrnAmzn
commented
10 months ago Hello @chenxiang1001! Sorry for this troubling experience. I do believe I have figured out your issue though - looks like the RootCA path is incorrect in our code.. I followed the steps you went through almost exactly and saw the SSL_connect error. For a temporary workaround, you can add the RootCA path.
So instead of...
cmake -S . -Bbuild -DAWS_IOT_ENDPOINT="xxx-ats.iot.xxx.amazonaws.com" -DROOT_CA_CERT_PATH="/home/builder/ca.pem" -DCLIENT_CERT_PATH="/home/builder/cert.pem" -DCLIENT_PRIVATE_KEY_PATH="/home/builder/key.pem"Do this...
cmake -S . -Bbuild -DAWS_IOT_ENDPOINT="xxx-ats.iot.xxx.amazonaws.com" -DROOT_CA_CERT_PATH="/home/builder/ca.pem" -DCLIENT_CERT_PATH="/home/builder/cert.pem" -DCLIENT_PRIVATE_KEY_PATH="/home/builder/key.pem" -DROOT_CA_CERT_PATH="/home/builder/AmazonRootCA1.pem"You can download the RootCA here.
~I'll make sure to update the README to include this CMake option in the CMake command.~ I'll submit a PR to fix the broken certificate download.
Now I'm trying to use AWS IoT embedded C SDK in Ubuntu 20.04.
The step: cmake -S . -Bbuild -DAWS_IOT_ENDPOINT="xxx-ats.iot.xxx.amazonaws.com" -DROOT_CA_CERT_PATH="/home/builder/ca.pem" -DCLIENT_CERT_PATH="/home/builder/cert.pem" -DCLIENT_PRIVATE_KEY_PATH="/home/builder/key.pem" cd build make mqtt_demo_mutual_auth
then I got the following error message when running mqtt_demo_mutual_auth [ERROR] [Transport_OpenSSL_Sockets] [openssl_posix.c:280] SSL_connect failed to perform TLS handshake. [ERROR] [Transport_OpenSSL_Sockets] [openssl_posix.c:696] Failed to establish a TLS connection.
I've tested mqtt using MQTT.fx with above files(ca.pem,cert.pem,key.pem).
Can anyone help on this why I am getting issue. Thanks.