Closed qiao-rsa closed 3 years ago
Please attach a trace log of your program run. You can use system properties to enable this:
-Daws.crt.log.level=Trace -Daws.crt.log.filename=
Also, if you could include the code snippet where you configure the connection that would be very helpful as well.
Hello @bretambrose Please find the getConnection()
method below.
private MqttClientConnection getConnection(String deviceId) throws GeneralSecurityException {
CertificateService.TlsContext tlsContext = certificateService.getTlsContext(ALIAS);
try (EventLoopGroup eventLoopGroup = new EventLoopGroup(1);
HostResolver resolver = new HostResolver(eventLoopGroup);
ClientBootstrap clientBootstrap = new ClientBootstrap(eventLoopGroup, resolver);
AwsIotMqttConnectionBuilder builder =
AwsIotMqttConnectionBuilder.newMtlsBuilder(
tlsContext.getCertificatePem(), tlsContext.getPrivateKeyPem())) {
builder
.withBootstrap(clientBootstrap)
.withClientId(deviceId)
.withEndpoint(activationConfig.getIotHost());
return builder.build();
}
}
I'll send you the trace log file by email. Thank you for helping.
Can you verify the content/format of the certificate? Does it have BEGIN and END certificate tags? To eliminate possible certificate formatting issues which may vary in behavior across Windows and Mac/Linux, we recommend testing code by generating a certificate through the IoT console, then downloading and using that. If that works, then the problem is with the specific certificate being used and we can dig deeper from there.
Thanks,
Greetings! It looks like this issue hasn’t been active in longer than a week. We encourage you to check if this is still an issue in the latest release. Because it has been longer than a week since the last update on this, and in the absence of more information, we will be closing this issue soon. If you find that this is still a problem, please feel free to provide a comment or add an upvote to prevent automatic closure, or if the issue is already closed, please feel free to open a new one.
I found out if I create a fresh certificate using IoT console with 1-click option and download both device cert and private key, it actually works fine. The problem is that we are using Java keytool and keystore (for our IoT device) to generate a private key first, save it in keystore, create a csr and send a csr request to IoT which returns a device cert and then save it to keystore. Next when the device is ready to connect, it retrieves both private key and device cert from keystore. Somehow AwsIotMqttConnectionBuilder was not able to be built and throws some TlsContext error.
This ticket can be closed while we continue to troubleshoot from the Java keystore side. Thank you.
Thanks for the update. I'll close for now, but if you hit something that we can possibly help with, feel free to create a new issue.
hi,i have this issue too this is code exception Exception in thread "main" java.util.concurrent.ExecutionException: software.amazon.awssdk.crt.mqtt.MqttException: The connection was closed unexpectedly. at java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:395) at java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:1999) at rawpubsub.TestConnections.main(TestConnections.java:21) Caused by: software.amazon.awssdk.crt.mqtt.MqttException: The connection was closed unexpectedly. at software.amazon.awssdk.crt.mqtt.MqttClientConnection.onConnectionComplete(MqttClientConnection.java:139)
If you connect via proxy , please use network load balancer ( tcp) , don't use application load balancer . This is an example nginx reverse proxy for aws iot mqtt via nginx : https://www.0937686468.com/2022/09/nginx-reverse-proxy-for-aws-iot-mqtt.html
Confirm by changing [ ] to [x] below to ensure that it's a bug:
Known Issue
<prefix>-ats.iot.<region>.amazonaws.com
Describe the bug Hello, could you please help with the following error? Thank you. On windows 10 when I connect to MQTT over port 443, I got this exception: "software.amazon.awssdk.crt.mqtt.MqttException"
SDK version number