Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

python paho mqtt client connection through ssl/tls giving an error

Tags:

python

ssl

mqtt

paho

I am trying to connect my python paho mqtt client to my broker through tls using my own certificate authority. I generated necessary files and configured my RabbitMQ broker to use them. My idea is that the client authenticates the server but client itself doesn't need to be authenticated.

  • ca.cert.pem
  • cert.pem
  • key.pem

I know these should work correctly because I also have a scala paho mqtt client that works correctly.

Currently I am running the file directly from the terminal on my mac. I am using an virtuanenv created by python 3.5.2 and I have a file subscribe.py

import paho.mqtt.client as paho
import ssl

def on_message(clnt, userdata, msg):
    print(msg.topic+" "+str(msg.payload))

def on_connect(client, userdata, rc):
        print("Connected with result code "+str(rc))
        mqttc.subscribe("foo")

mqttc = paho.Client()
mqttc.on_message = on_message
mqttc.on_message = on_message
mqttc.tls_set("ca.cert.pem", tls_version=ssl.PROTOCOL_TLSv1_2)
mqttc.connect("address", 8883, 60)
mqttc.loop_forever()

When I run the file I receive the following error

ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:645)

I have also tried changing the tls_version to TLSv1_1, TLSv1 and leaving it out completely. ca.cert.pem is in the same folder as the subscribe.py file

The example on paho website seems very simple so what am I missing here? Why do I receive the error on my python client?

like image 339
sergei Avatar asked Oct 29 '22 21:10

sergei

1 Answers

Have you tried mosquitto clients? There are lots of possibility for the problem you have encountered, so best way to figured it out is trying another way.

mosquitto_sub -h address -p 8883 --cafile ca.cert.pem -t "#" -d -v

d flag is for debug messages, v flag is verbose mode.

If mosquitto client cannot connect with ca, you can try:

mosquitto_sub -h address -p 8883 --cafile ca.cert.pem -t "#" -d -v --insecure

The insecure flag will ignore CA checking for server. If add the insecure flag can make you connected, then maybe the CA is wrong. You can use openssl to debug it then.

like image 176
Asoul Avatar answered Nov 15 '22 06:11

Asoul
Sign in to Comment

Related questions

function to return copy of np.array with some elements replaced
Retain ordering of text data when vectorizing
Dynamic spectrum using plotly
youtube-dl only extract playlist info
Write in json file with Python [duplicate]
Running a (python) script in another directory [duplicate]
How do I remove double back slash (`\\`) from a bytes object?
linear algebra in python
Maintaining a Lite and Pro Version of Python Project with Git/PyCharm
how to inquire an iterator in python without changing its pre-inquire state
plotting pandas intraday time series only for periods with data
python merge duplicates in a single list and combine the results
Python Sockets - Keeping a connection to a server alive from the client
Python MySQL queries time out where MySQL workbench works fine
How to connect to remote Spark cluster from python in docker
Pandas plot, combine two plots
Spark ML Pipeline Causes java.lang.Exception: failed to compile ... Code ... grows beyond 64 KB
dlib train_object_detector immense amounts of RAM usage
Tensorflow: Using weights trained in one model inside another, different model
Fail to implement layer normalization with keras

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!