search

emqx / emqtt

Erlang MQTT 5.0 Client
https://www.emqx.com
Apache License 2.0
401 stars 167 forks source link

{:error, {:keyfile, :function_clause}} #82

Closed 5HT closed 5 years ago

5HT commented 5 years ago 
iex(1)> {:ok, conn} = :emqtt.start_link([{:client_id, "maxim"},{:force_ping,true},
        {:ssl, true},
        {:ssl_opts,[{:certfile,'../../../deps/ca/priv/ca_ecdsa/certs/client.pem'},
                    {:keyfile,'../../../deps/ca/priv/ca_ecdsa/certs/client.key'},
                    {:ciphers,['ECDHE-ECDSA-AES256-GCM-SHA384']},
                    {:port,8883},
                    {:host,"127.0.0.1"},
                    {:cacertfile,'../../../deps/ca/priv/ca_ecdsa/certs/caroot.pem'}]}])
{:ok, #PID<0.3857.0>}
iex(2)> :emqtt.connect conn
{:error, {:keyfile, :function_clause}}
5HT commented 5 years ago

When I removed Encryption from cert with

openssl ec -in certs/client.key -out certs/client.key.rp

The error changed to:

2019-08-22T05:54:25.247317+03:00 error: State machine <0.165.0> terminating, Last event = {{call,{<0.162.0>,#Ref<0.2946035376.3214671873.52706>}},{connect,emqtt_sock}}, When server state = {initialized,{state,undefined,<0.162.0>,undefined,{127,0,0,1},1883,[],emqtt_sock,undefined,[{ssl_opts,[{certfile,"/Users/maxim/depot/synrc/deps/ca/priv/ca_ecdsa/certs/client.pem"},{keyfile,"/Users/maxim/depot/synrc/deps/ca/priv/ca_ecdsa/certs/client.key.rp"},{ciphers,["ECDHE-ECDSA-AES256-GCM-SHA384"]},{cacertfile,"/Users/maxim/depot/synrc/deps/ca/priv/ca_ecdsa/certs/caroot.pem"}]}],60000,false,<<"12">>,true,undefined,undefined,4,<<"MQTT">>,60,undefined,true,false,false,{mqtt_msg,0,false,false,undefined,undefined,undefined,undefined},#{},[],#{},infinity,#{},#{},true,30000,undefined,0,undefined,undefined,1,{none,#{max_size => 268435455,version => 4}}}}, Reason for termination = exit:closed, Callback mode = state_functions, Stacktrace =, [{gen_statem,loop_state_callback_result,11,[{file,"gen_statem.erl"},{line,1292}]},{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,249}]}], Client <0.162.0> stacktrace, ** [{gen,do_call,4,[{file,"gen.erl"},{line,167}]},{gen_statem,call_dirty,4,[{file,"gen_statem.erl"},{line,611}]},{erl_eval,do_apply,6,[{file,"erl_eval.erl"},{line,684}]},{shell,exprs,7,[{file,"shell.erl"},{line,686}]},{shell,eval_exprs,7,[{file,"shell.erl"},{line,642}]},{shell,eval_loop,3,[{file,"shell.erl"},{line,627}]}] {error,closed}

And at the EMQ X:

1> Starting emqx on node nonode@nohost
Start mqtt:tcp listener on 127.0.0.1:11883 successfully.
Start mqtt:tcp listener on 0.0.0.0:1883 successfully.
Start mqtt:ws listener on 0.0.0.0:8083 successfully.
Start mqtt:ssl listener on 0.0.0.0:8883 successfully.
Start mqtt:wss listener on 0.0.0.0:8084 successfully.
EMQ X Broker 0.0.0+build.1.ref2cbfb2b is running now!
Start http:management listener on 8080 successfully.
Start http:dashboard listener on 18083 successfully.
=ERROR REPORT==== 22-Aug-2019::05:53:11.662386 ===
Parse failed for function_clause
Error data:<<22,3,3,0,145,1,0,0,141,3,3,93,94,3,151,200,3,235,199,11,20,81,48,
             170,44,13,30,135,130,139,245,135,249,226,99,149,151,187,110,144,
             128,31,229,0,0,4,0,255,192,44,1,0,0,96,0,13,0,24,0,22,6,3,6,1,5,3,
             5,1,4,3,4,1,3,3,3,1,2,3,2,1,2,2,0,10,0,58,0,56,0,14,0,13,0,25,0,
             28,0,11,0,12,0,27,0,24,0,9,0,10,0,26,0,22,0,23,0,8,0,6,0,7,0,20,0,
             21,0,4,0,5,0,18,0,19,0,1,0,2,0,3,0,15,0,16,0,17,0,11,0,2,1,0>>

However these certs are known to be good and verifiable with

openssl s_server -accept 2009 \
      -key certs/server.key \
      -cert certs/server.pem \
      -CAfile certs/caroot.pem -Verify 1

openssl s_client -connect localhost:2009 \
      -key certs/client.key \ 
      -cert certs/client.pem \
      -CAfile certs/caroot.pem -showcerts

Is that cowboy/ranch/erlang issue or emqtt ?

5HT commented 5 years ago

I resolved by following ECC CNF: https://ca.n2o.space/man/ecc.htm