I'm trying to send some simple message with mosquitto_pub to Azure IoT HUB but faced some problems with authorization. I'm using following script:
mosquitto_pub \
-h xxxdev.azure-devices.net \
-u "xxxdev.azure-devices.net/xxxdev/?api-version=2018-06-30" \
-P "SharedAccessSignature sr=xxx.azure-
devices.net%2Fdevices%2Fxxxdev&sig=YYYYY&se=1570866689&skn=ZZZZZZZ" \
-t "devices/xxxdev/messages/events/" \
--cafile ca.pem \
-p 8883 \
-i xxxdev \
-V mqttv311 \
-d \
-m 'message'
and after run this script I get following messages:
Client xxxdev sending CONNECT
Client xxxdev received CONNACK (5)
Connection error: Connection Refused: not authorised.
Client xxxdev sending DISCONNECT
My questions are: What exactly does those messages mean? Is it because some parameter like password (given with -P param) is wrong?
I've generated SAS token with bash script: https://learn.microsoft.com/en-us/rest/api/eventhub/generate-sas-token
Assuming that this bash script generates properly the password - what else could be the problem here? How to fix the problem?
Related
hi I tried to check connection to eventhub using kafkacat in one of my VM in azure
I gave the following parametrs(fill my hab name and all):
kafkacat \
-b <your-hub-name>.servicebus.windows.net:9092 \
-X security.protocol=sasl_ssl \
-X sasl.mechanism=PLAIN \
-X sasl.username='$ConnectionString' \
-X sasl.password='Endpoint=sb://<your-hub-name>.servicebus.windows.net/;SharedAccessKeyName=RootManageSharedAccessKey;SharedAccessKey=<primary-key>' \
-L
but I keep getting:
% ERROR: Failed to acquire metadata: Local: Broker transport failure
what can go wrong here ? do I have to create a topic and SAS authentication and take his keys?
The port of eventhub with kafka protocol is 9093.
https://learn.microsoft.com/en-us/azure/event-hubs/event-hubs-kafka-connect-tutorial
bootstrap.servers={YOUR.EVENTHUBS.FQDN}:9093 # e.g. namespace.servicebus.windows.net:9093
I'm trying to use Azure Iot hub for publishing and subscribing messages. At the moment I'm trying to publish some simple message with following command:
mosquitto_pub \
-h xxxdev.azure-devices.net \
-u "xxxdev.azure-devices.net/xxxdev/?api-version=2018-06-30" \
-P "SharedAccessSignature sr=xxx.azure-
devices.net%2Fdevices%2Fxxxdev&sig=YYYYY&se=1570866689&skn=ZZZZZZZ" \
-t "devices/ublox1/messages/events/" \
--cafile ca.pem \
-p 8883 \
-i xxxdev \
-V mqttv311 \
-d \
-m 'message'
and subscribe with this one:
mosquitto_sub \
-h xxxdev.azure-devices.net \
-u "xxxdev.azure-devices.net/ublox1" \
-P "SharedAccessSignature sr=xxxdev.azure-
devices.net%2Fdevices%2Fublox1&sig=YYYYY&se=1607025033"
-t "devices/ublox1/messages/events/" \
-i xxxdev \
-V mqttv311 \
-p 8883 \
--cafile ca.pem \
-v -d
but I cannot receive any of published messages.
Here is what the output of the subscribe side:
Client xxxdev sending CONNECT
Client xxxdev received CONNACK (0)
Client xxxdev sending SUBSCRIBE (Mid: 1, Topic: topic/, QoS: 0, Options: 0x00)
Client xxxdev received SUBACK
Subscribed (mid: 1): 0
and that is all. No PUBLISH messages I am able to receive on subscribe side.
My question is: what can be the reason that I cannot receive anything on subscriber side?
For testing purpose I run Visual Studio Code and run "Monitoring built-in event endpoint" - and it correctly shows my published messages - so what is going on? Why Visual Studio Code is able to shows my messages but mosquitto cannot?
Azure IoT Hub is not a full-blown MQTT server/broker. In order to subscribe to telemetry messages coming from the devices, you need to use the built-in event grid endpoint. You can however use MQTT to subscribe to "cloud-to-device" messages, calls to direct methods, or device twin updates.
When adding a connection using the Twitter connector offered by the Unification Engine, what are the parameters that need to be used and how are they to be passed in the URI?
To send tweet use
curl -XPOST https://apiv2.unificationengine.com/v2/message/send \
--data "{ \"message\": { \"receivers\": [{\"name\": \"name\", \"address\": \"TWITTER_HANDLE\" , \"Connector\": \"UNIQUE_CONNECTION_IDENTIFIER\"}],\"parts\": [{\"id\": \"1\",\"contentType\": \"text/plain\", \"data\":\"MESSAGE_CONTENT\" ,\"size\": MESSAGE_CONTENT_SIZE,\"type\": \"body\",\"sort\":0}]}}" \
-u USER_ACCESSKEY:USER_ACCESSSECRET -k
Where USER_ACCESSKEY:USER_ACCESSSECRET is got when you add the user using UE_APPKEY:UE_APPSECRET
curl -XPOST https://apiv2.unificationengine.com/v2/user/create -u UE_APPKEY:UE_APPSECRET \
--data '{}' -k
Response data:
{"status":200,"info":"200 OK","uri":"user://USER_ACCESSKEY:USER_ACCESSSECRET"}
Let me explain the commands used to add a twitter connection in #UnificationEngine
To add twitter connection in #UnificationEngine use
curl -XPOST https://apiv2.unificationengine.com/v2/connection/add \
-u USER_ACCESSKEY:USER_ACCESSSECRET \
--data '{"uri":"twitter://ACCESS_TOKEN:SECRET#twitter.com","name":"UNIQUE_CONNECTION_IDENTIFIER"}' \
-k
ACCESS_TOKEN:SECRET - is the one got by authentication the twitter connection in the user application.
UNIQUE_CONNECTION_IDENTIFIER - specified here will be further used to address this connection in UE.
f.e to send a tweet the user will have to use the variable specified under UNIQUE_CONNECTION_IDENTIFIER
Recently Microsoft Azure has added a MQTT backend to its' services.
This service uses TLS do encrypt its traffic.
I can't connect between Mosquitto and the Microsoft Azure Cloud.
I downloaded the server certificate with
echo -n | openssl s_client -connect mytarget.azure-devices.net:8883 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/test.cert
And then tried to connect with mosquitto_sub
mosquitto_sub -h mytarget.azure-devices.net -p 8883 -d -t devices/Device1/messages/events -i Device1 -u "mytarget.azure-devices.net/Device1" -P "SharedAccessSignature sr=snip&sig=snip&skn=snip" --cafile /tmp/test.pem --insecure
However, the connection is never built.
Mosquitto outputs:
Client Device1 sending CONNECT
Error: A TLS error occurred.
I have previously successfully connected mosquitto over ssl to the Amazon cloud (although I got a certificate and Private Key for that).
So I tried with adding client certificate/key, which I got from AWS, hopingg the error is that mosquitto does need those files too.
mosquitto_sub -h mytarget.azure-devices.net -p 8883 -d -t devices/Device1/messages/events -i Device1 -u "mytarget.azure-devices.net/Device1" -P "SharedAccessSignature sr=snip&sig=snip&skn=snip" --cafile /tmp/test.pem --cert certificate.pem.crt --key -private.pem.key --insecure --insecure
However, this didn't help and didn't change the error message.
I then looked in to the mosquitto code at github and found that the error is probably caused on this line by SSL_connect, which seems to be a openssl function.
Has anybody made mosquitto connect to the Microsoft Azure cloud or has any pointers where to look next?
edit:
I seem to be able to publish by tunneling the SSL over socat:
socat openssl-connect:mytarget.azure-dices.net:8883,verify=0 tcp-l:8884,reuseaddr,fork
And then connection on mosquitto to -h localhost instead of azure gets me:
Client Device1 sending CONNECT
Client Device1 received CONNACK
Client Device1 sending PUBLISH (d0, q0, r0, m1, 'devices/Device1/messages/events', ... (4 bytes))
Client Device1 sending DISCONNECT
It might be that something from the Azure Host is throwing of mosquitto.
Subscribing like this with mosquitto also works.
The problem with this approach is that the ssl-connection seems to be destroyed after the first (few) packet(s) and socat subsequentally complains with
E SSL_write(): Broken pipe
For anyone else searching for this.
We finally managed to get it working with mosquitto_sub/pub:
mosquitto_sub -h mytarget.azure-devices.net -p 8883 -t "devices/Device1/messages/devicebound/#" -i Device1 -u "mytarget.azure-devices.net/Device1" -P "SharedAccessSignature sr=mytarget.azure-devices.net&sig=snip&skn=snip" --capath /etc/ssl/certs/ --tls-version tlsv1 -d -V mqttv311 -q 1
and for publishing:
mosquitto_pub -h mytarget.azure-devices.net -p 8883 -t "devices/Device1/messages/events/" -i Device2 -u "mytarget.azure-devices.net/Device2" -P "SharedAccessSignature sr=bbvgathering.azure-devices.net&sig=snip&se=snip&skn=snip" --capath /etc/ssl/certs/ --tls-version tlsv1 -d -V mqttv311 -q 1 -m "{\"key\": \"value\"}"
Important You have to send JSON-Data, everything else will get rejected (at least on our setup)!
Note Be adviced that you (seemingly) can't directly send from one device to the other. As this is contra the Cloud way.
You'll have to configure a Connection in the cloud
I'm using the IoT Agent Ultra-Light module to communicate with the Orion context broker. I can create services and devices and I have checked that the observations reach the context broker too.
curl -X POST XXX.XXX.XXX.XXX:8090/iot/services \
-i \
-H "Content-Type: application/json" \
-H "Fiware-Service: sanitysrv " \
-H "Fiware-ServicePath: / sanitysspath " \
-d '{"services": [{"apikey": "", "cbroker": "http://127.0.0.1:1026", "entity_type": "Dispositivo_tmp", "resource": "/iot/d"}]}'
curl -X POST XXX.XXX.XXX.XXX:8090/iot/devices \
-i \
-H "Content-Type: application/json" \
-H "Fiware-Service: sanitysrv" \
-H "Fiware-ServicePath: /sanitysspath" \
-d '{"devices":[{"device_id":"CE_BDM_3","protocol":"PDI-IoTA-UltraLight", "commands": [], "attributes": [{"type":"int","name":"temperature","object_id":"t"}]}]}'
My problem is that I don´t know how to register a device that contains lazy attributes, and I haven´t found any documentation with related examples. The examples from other IoT Agents that I have tried are not working here.
¿How can it be done?
Lazy attributes are not supported in the UL2.0/MQTT Agent so far but in IoT Agents developed with node.js.
We'll let you know as soon as this feature is available.
Cheers,