Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

AWS IOT MQTT: Getting error ERR_CERT_SYMANTEC_LEGACY in chrome

I am using AWS IOT MQTT protocol for realtime update on my web app, I'm getting this certificate error net::ERR_CERT_SYMANTEC_LEGACY on Chrome, it's only working on localhost.

like image 917
Faraz Sarwar Avatar asked Aug 10 '18 07:08

Faraz Sarwar


People also ask

Does AWS IoT support MQTT?

AWS IoT Core supports device connections that use the MQTT protocol and MQTT over WSS protocol and that are identified by a client ID. The AWS IoT Device SDKs support both protocols and are the recommended ways to connect devices to AWS IoT.

What MQTT broker does AWS IoT use?

The AWS IoT Core MQTT broker and AWS IoT Device SDK are also compliant with the MQTT 3.1. 1 standard, so you can use these features to create an application that uses MQTT 3.1. 1 across your devices and the AWS Cloud.

Which AWS service supports MQTT protocol?

AWS IoT Core supports devices and clients that use the MQTT and the MQTT over WebSocket Secure (WSS) protocols to publish and subscribe to messages, and devices and clients that use the HTTPS protocol to publish messages.


1 Answers

Symantec certificates won't work from Chrome 70

AWS just posted a solution:

  • IoT endpoints can't be changed automatically like other AWS services because IoT devices need to be updated too.
  • IoT now provides a new endpoint to Amazon Trust Services (ATS), which uses a trusted certificate. They have -ats at the end, i.e. example-ats.iot.us-east-2.amazonaws.com. Both new and old endpoints are interoperable (the only difference is the certificate).
  • New regions launched after May, 2018 serve Amazon Trust Services signed certificates only.

How to update:

  • Run aws iot describe-endpoint --endpoint-type iot:Data-ATS
  • Update the endpoint on your web app with that new URL.

More info at: How AWS IoT Core is Helping Customers Navigate the Upcoming Distrust of Symantec Certificate Authorities

like image 111
nachoab Avatar answered Oct 15 '22 17:10

nachoab