Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

[AWS Greengrass] Core device fails to connect to AWS IoT Core over Charles proxy.

0

I am trying to connect my Core device (Raspberry Pi 3 Model B) over Charles Proxy.

  1. I set up the Charles proxy on my laptop.
  2. I updated the Nucleus configuration by deployment.
{
  "networkProxy": {
    "proxy": {
      "url": "http://192.168.0.38:8888"
    }
  }
  1. Added the Charles Root Certificate to the core device's Amazon root CA certificate file as it is described in Enable the core device to trust an HTTPS proxy.

Actual result: The device cannot connect to AWS IoT Core.

2023-04-04T12:44:19.588Z [INFO] (pool-2-thread-12) com.aws.greengrass.mqttclient.AwsIotMqttClient: Connecting to AWS IoT Core. {clientId=rpi_3_B}
2023-04-04T12:44:22.102Z [ERROR] (Thread-4) com.aws.greengrass.mqttclient.AwsIotMqttClient: Unable to connect to AWS IoT Core. {clientId=rpi_3_B}
software.amazon.awssdk.crt.mqtt.MqttException: socket is closed.
        at software.amazon.awssdk.crt.mqtt.MqttClientConnection.onConnectionComplete(MqttClientConnection.java:140)

2023-04-04T12:44:22.110Z [ERROR] (pool-2-thread-12) com.aws.greengrass.mqttclient.MqttClient: Error when publishing from spooler. {}
java.util.concurrent.ExecutionException: software.amazon.awssdk.crt.mqtt.MqttException: socket is closed.
        at java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:395)
        at java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:1999)
        at com.aws.greengrass.mqttclient.MqttClient.runSpooler(MqttClient.java:659)
        at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
        at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
        at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: software.amazon.awssdk.crt.mqtt.MqttException: socket is closed.
        at software.amazon.awssdk.crt.mqtt.MqttClientConnection.onConnectionComplete(MqttClientConnection.java:140)

Here are the logs received from Charles: Unfortunately, I cannot attach .csv or .chls files.

Any idea why AWS IoT Core is terminating the connection?

Themen
Internet der Dinge (IoT)Entwicklertools
Tags
AWS IoT GreengrassAWS IoT CoreEntwicklertools
Sprache
English
Vadzim
gefragt vor einem Jahr569 Aufrufe
1 Antwort
1
Akzeptierte Antwort

AWS IoT Greengrass uses TLS mutual authentication to connect to AWS IoT Core: https://docs.aws.amazon.com/greengrass/v2/developerguide/device-auth.html#:~:text=Communication%20between%20core%20devices%20and%20client%20devices%20and%20between%20devices%20and%20AWS%20IoT%20Core%20or%20AWS%20IoT%20Greengrass%20must%20be%20authenticated.%20This%20mutual%20authentication%20is%20based%20on%20registered%20X.509%20device%20certificates%20and%20cryptographic%20keys..

TLS mutual auth prevents introspecting proxies from working by design, for security.

You must use a transparent proxy which does not intercept and modify the TLS connection. Additionally, you have set the proxy for "http" and not "https". Use "https" if the connection to the proxy itself should use TLS.

Cheers,

Michael

AWS
EXPERTE
MichaelDombrowski-AWS
beantwortet vor einem Jahr
profile picture
EXPERTE
Giovanni Lauria
überprüft vor 2 Monaten
  • Vadzim
    vor einem Jahr

    I understand. Thank you for such a quick response!

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt