- 新しい順
- 投票が多い順
- コメントが多い順
Hi. Your openssl
command is generating a PEM key file in PKCS#8 format instead of the PKCS#1 format returned when AWS IoT Core generates the key. So your key file has a "BEGIN PRIVATE KEY" header instead of "BEGIN RSA PRIVATE KEY". I'm not familiar with CryptDecodeObjectEx()
, but I think the PKCS_RSA_PRIVATE_KEY
parameter might be demanding PKCS#1.
So you may find more success by generating your own key and certificate as documented here: https://docs.aws.amazon.com/iot/latest/developerguide/create-device-cert.html
Hi,
are you using really <>
in your path? I assume you don't have a directory named <>
?
Perhaps you should modify your command to look similar to (assuming you are in the same directory where your key/cert is stored):
basic_connect.exe --client_id "ME" --endpoint "*-ats.iot.eu-west-1.amazonaws.com" --cert "MyCertificate.crt" --key "MyPrivate.key" --verbosity "Debug"
You need also to use a valid iot endpoint. In your case you need to replace *
with the unique id of your endpoint.
Cheers,
Philipp
"<>" is not a valid path in windows. "<>" and "*" are just a replacement for the real values. I just don't want to share anything personal on the internet. The key is well loaded and as in my file "private.key" in
aws_import_key_pair_to_cert_context
arguments. It isCryptDecodeObjectEx
which is failing on it. I want to understand why. The documentation specify well that aws support rsa + sh256, that should be provided in a PEM format.You can find some information about troubleshooting connectivity at https://docs.aws.amazon.com/iot/latest/developerguide/diagnosing-connectivity-issues.html. You can use openssl to validate if your certificate is working correctly.
Thanks. =)