Connecting AWS Iot Core without Cognito. #2867

Closed
kartic-techindustan opened this issue Apr 13, 2022 · 6 comments
Labels
bug Something isn't working iot Issues with the AWS Android SDK for Internet of Things (IoT)

Comments

@kartic-techindustan

kartic-techindustan commented Apr 13, 2022

State your question
I want to connect to AWS IoT using a certificate and private key only, without using the Cognito service.

  • I have certificates in assets folder.

Problem

  • Not able to connect to aws.

Which AWS Services are you utilizing?

  • Iot

Provide code snippets (if applicable)

val certificateId = "certificateId"

val assetManager = assets

// Read each PEM file completely; use {} closes the stream even if reading fails.
val privateKeyPem = assetManager.open("key.pem").bufferedReader().use { it.readText() }
val certPem = assetManager.open("cert.pem").bufferedReader().use { it.readText() }


val keystorePath = filesDir.path
val keystoreName = "KEYSTORE_NAME";
val keystorePassword = "KEYSTORE_PASSWORD";

var clientKeyStore: KeyStore? = null

try {
	if (AWSIotKeystoreHelper.isKeystorePresent(keystorePath, keystoreName)) {
		if (AWSIotKeystoreHelper.keystoreContainsAlias(
				certificateId, keystorePath,
				keystoreName, keystorePassword
			)
		) {
			clientKeyStore = AWSIotKeystoreHelper.getIotKeystore(
				certificateId,
				keystorePath, keystoreName, keystorePassword
			)
		}
	}
} catch (e: Exception) {
	Log.e(LOG_TAG, "An error occurred retrieving cert/key from keystore.", e)
}

if (clientKeyStore == null) {
	AWSIotKeystoreHelper.saveCertificateAndPrivateKey(
		certificateId,
		certPem,
		privateKeyPem,
		keystorePath,
		keystoreName,
		keystorePassword
	)

	clientKeyStore = AWSIotKeystoreHelper.getIotKeystore(
		certificateId,
		keystorePath, keystoreName, keystorePassword
	)

}

val clientId = UUID.randomUUID().toString()
val manager = AWSIotMqttManager(clientId, "endpoint")

manager.connect(clientKeyStore, object : AWSIotMqttClientStatusCallback {
	override fun onStatusChanged(
		status: AWSIotMqttClientStatusCallback.AWSIotMqttClientStatus?,
		throwable: Throwable?
	) {
		Log.e("TAG", "status: " + status.toString())

		if (status == AWSIotMqttClientStatusCallback.AWSIotMqttClientStatus.Connecting) {
			Log.e("TAG1", "status: Connecting")
		}
		if (status == AWSIotMqttClientStatusCallback.AWSIotMqttClientStatus.Connected) {
			Log.e("TAG1", "status: Connected")
		}
		if (status == AWSIotMqttClientStatusCallback.AWSIotMqttClientStatus.ConnectionLost) {
			Log.e("TAG1", "status: ConnectionLost")
		}
		if (status == AWSIotMqttClientStatusCallback.AWSIotMqttClientStatus.Reconnecting) {
			Log.e("TAG1", "status: Reconnecting")
		}
	}
})

Logs -

2022-04-13 19:40:32.808 7745-7745/com.example.demo I/com.example.demo.ui.MainActivity: Certificate "xxxxxx" found in keystore - using for MQTT.
2022-04-13 19:40:32.873 7745-7745/com.example.demo D/AWSIotMqttManager: MQTT broker: ssl://xxx.xxx.amazonaws.com:8883
2022-04-13 19:40:32.922 7745-7745/com.example.demo D/AWSIotMqttManager: ready to do mqtt connect
2022-04-13 19:40:32.922 7745-7745/com.example.demo I/AWSIotMqttManager: metrics collection is enabled, username: ?SDK=Android&Version=2.22.6
2022-04-13 19:40:32.922 7745-7745/com.example.demo I/AWSIotMqttManager: resetting reconnect attempt and retry time
2022-04-13 19:40:32.922 7745-7745/com.example.demo D/AWSIotMqttManager: Setting up Callback for MqttClient
2022-04-13 19:40:32.922 7745-7745/com.example.demo E/TAG: status: Connecting
2022-04-13 19:40:32.922 7745-7745/com.example.demo E/TAG1: status: Connecting
2022-04-13 19:40:32.929 7745-7745/com.example.demo I/ContentCaptureHelper: Setting logging level to OFF
2022-04-13 19:40:33.039 7745-7816/com.example.demo W/AWSIotMqttManager: onFailure: connection failed.
2022-04-13 19:40:33.039 7745-7816/com.example.demo E/TAG: status: Reconnecting
2022-04-13 19:40:33.039 7745-7816/com.example.demo E/TAG1: status: Reconnecting
2022-04-13 19:40:33.039 7745-7816/com.example.demo I/AWSIotMqttManager: schedule Reconnect attempt 0 of 1 in 4 seconds.
2022-04-13 19:40:37.045 7745-7817/com.example.demo D/AWSIotMqttManager: TID: 7817 trying to reconnect to session
2022-04-13 19:40:37.046 7745-7817/com.example.demo I/AWSIotMqttManager: attempting to reconnect to mqtt broker
2022-04-13 19:40:37.046 7745-7817/com.example.demo D/AWSIotMqttManager: Setting up Callback for MqttClient
2022-04-13 19:40:37.046 7745-7817/com.example.demo D/AWSIotMqttManager: mqtt reconnecting attempt 1
2022-04-13 19:40:37.060 7745-7824/com.example.demo W/AWSIotMqttManager: Reconnect failed 
2022-04-13 19:40:37.060 7745-7824/com.example.demo I/AWSIotMqttManager: schedule Reconnect attempt 1 of 1 in 8 seconds.
2022-04-13 19:40:37.060 7745-7824/com.example.demo W/AWSIotMqttManager: schedule reconnect returns false
2022-04-13 19:40:37.060 7745-7824/com.example.demo E/TAG: status: ConnectionLost
2022-04-13 19:40:37.060 7745-7824/com.example.demo E/TAG1: status: ConnectionLost

Environment(please complete the following information):

  • SDK Version: 2.43.0

Device Information (please complete the following information):

  • Device: Pixel 4A
  • Android Version: 12
@eeatonaws eeatonaws added bug Something isn't working iot Issues with the AWS Android SDK for Internet of Things (IoT) labels Apr 13, 2022
@kartic-techindustan
Author

@richardmcclellan can you please help on this one?

@frestoinc

@kartic-techindustan can u check whether your certPem is a combination of public cert and root ca cert?

also your clientKeyStore can just be getIotKeystore. It will throw exception if keystore doesn't exist. And just for ease of mind, you can delete any existing keystore file when exception is thrown and recreate one.

File(keystorePath, keystoreName).also { file ->
    if (file.exists()) {
        file.delete()
    }
}

@kartic-techindustan
Author

@frestoinc it's working now. Some backend issue.
Before closing this issue, can you please tell me, is it OK to keep certPem and the private key in the app?
If not, what's the best solution for this?

@frestoinc

@kartic-techindustan if you mean via the asset manager, as in the example you gave above, that's a no. If you mean keeping them in the keystore, then yes, that's OK.

@kartic-techindustan
Author

@frestoinc thanks.

@Saurabhkumar12-byte

@kartic-techindustan can u check whether your certPem is a combination of public cert and root ca cert?

also your clientKeyStore can just be getIotKeystore. It will throw exception if keystore doesn't exist. And just for ease of mind, you can delete any existing keystore file when exception is thrown and recreate one.

File(keystorePath, keystoreName).also { file ->
    if (file.exists()) {
        file.delete()
    }
}

Is it required for certPem to be a combination of the public cert and the root CA cert, as I have the cert PEM available as a separate file? If yes, then how do I do that?
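
One way to check what a PEM string such as certPem actually contains, and to join separately stored PEM files into one string, as asked in the comments above. This is an added example, not code from the thread or from the AWS SDK: the helper names (parsePem, describe, summarise, joinPem) are hypothetical, the sample PEM bodies are constructed placeholders, and java.util.Base64 assumes Android API 26 or later.

```kotlin
import java.io.ByteArrayInputStream
import java.security.cert.CertificateFactory
import java.security.cert.X509Certificate
import java.util.Base64

// One PEM block: its label ("CERTIFICATE", "RSA PRIVATE KEY", ...) and decoded DER bytes.
class PemBlock(val label: String, val der: ByteArray)

private val PEM_BLOCK =
    Regex("-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \\1-----", RegexOption.DOT_MATCHES_ALL)

// Split a PEM string into its blocks; throws IllegalArgumentException on malformed base64.
fun parsePem(pem: String): List<PemBlock> =
    PEM_BLOCK.findAll(pem).map { m ->
        PemBlock(m.groupValues[1], Base64.getMimeDecoder().decode(m.groupValues[2].trim()))
    }.toList()

// Subject and issuer of a certificate block, or null if the bytes are not valid X.509.
fun describe(block: PemBlock): String? = try {
    val cert = CertificateFactory.getInstance("X.509")
        .generateCertificate(ByteArrayInputStream(block.der)) as X509Certificate
    "subject=${cert.subjectX500Principal.name} issuer=${cert.issuerX500Principal.name}"
} catch (e: Exception) {
    null
}

// Count certificates and private keys, so a one-cert file, a cert plus CA bundle,
// and a file that also carries the private key can be told apart.
fun summarise(pem: String): String {
    val blocks = parsePem(pem)
    val certs = blocks.count { it.label == "CERTIFICATE" }
    val keys = blocks.count { it.label.endsWith("PRIVATE KEY") }
    return "certificates=$certs privateKeys=$keys"
}

// Concatenate separately stored PEM files into one string, in the order given.
fun joinPem(vararg parts: String): String = parts.joinToString("\n") { it.trim() } + "\n"

fun main() {
    // Constructed placeholder bodies: valid base64, but not real certificates.
    fun fake(label: String, body: String) = "-----BEGIN $label-----\n" +
        Base64.getEncoder().encodeToString(body.toByteArray()) + "\n-----END $label-----\n"
    val deviceCert = fake("CERTIFICATE", "constructed device certificate")
    val rootCa = fake("CERTIFICATE", "constructed root CA certificate")
    println(summarise(deviceCert))
    println(summarise(joinPem(deviceCert, rootCa)))
    println(parsePem(deviceCert).map { describe(it) })
}
```

With real files, describe returns the subject and issuer of each certificate, which shows whether a block is the device certificate or a CA certificate.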
