-
-
Save dpfrey/1a07d5d64bb305fa764bba043170bf24 to your computer and use it in GitHub Desktop.
Output from my aws_iot_mqtt_example program
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
========================================================= | |
Trace Output | |
Product name: Eclipse Paho Asynchronous MQTT C Client Library | |
Version: 1.3.0 | |
Build level: Tue Dec 11 20:51:09 PST 2018 | |
OpenSSL version: OpenSSL 1.1.1 11 Sep 2018 | |
OpenSSL flags: compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -Wa,--noexecstack -D_FORTIFY_SOURCE=2 -march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong -fno-plt -Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_AS | |
OpenSSL build timestamp: built on: Tue Sep 11 19:36:05 2018 UTC | |
OpenSSL platform: platform: linux-x86_64 | |
OpenSSL directory: OPENSSLDIR: "/etc/ssl" | |
/proc/version: Linux version 4.19.1-arch1-1-ARCH (builduser@heftig-16768) (gcc version 8.2.1 20180831 (GCC)) #1 SMP PREEMPT Sun Nov 4 16:49:26 UTC 2018 | |
========================================================= | |
20181211 220543.493 Connecting to serverURI acsf8ikktv204-ats.iot.us-west-2.amazonaws.com:8883 with MQTT version 4 | |
In ssl_error_callback with str=140643715286784:error:140DC009:SSL routines:use_certificate_chain_file:PEM lib:ssl/ssl_rsa.c:622: | |
20181211 220543.698 Connecting to serverURI acsf8ikktv204-ats.iot.us-west-2.amazonaws.com:8883 with MQTT version 3 | |
In ssl_error_callback with str=140643715286784:error:140DC009:SSL routines:use_certificate_chain_file:PEM lib:ssl/ssl_rsa.c:622: | |
Connection failed with code=-1, message=TCP/TLS connect failure | |
All finished |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
========================================================= | |
Trace Output | |
Product name: Eclipse Paho Asynchronous MQTT C Client Library | |
Version: 1.3.0 | |
Build level: Tue Dec 11 20:51:09 PST 2018 | |
OpenSSL version: OpenSSL 1.1.1 11 Sep 2018 | |
OpenSSL flags: compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -Wa,--noexecstack -D_FORTIFY_SOURCE=2 -march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong -fno-plt -Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_AS | |
OpenSSL build timestamp: built on: Tue Sep 11 19:36:05 2018 UTC | |
OpenSSL platform: platform: linux-x86_64 | |
OpenSSL directory: OPENSSLDIR: "/etc/ssl" | |
/proc/version: Linux version 4.19.1-arch1-1-ARCH (builduser@heftig-16768) (gcc version 8.2.1 20180831 (GCC)) #1 SMP PREEMPT Sun Nov 4 16:49:26 UTC 2018 | |
========================================================= | |
20181211 220655.676 Connecting to serverURI acsf8ikktv204-ats.iot.us-west-2.amazonaws.com:8883 with MQTT version 4 | |
20181211 220655.869 SSL cipher available: 0:TLS_AES_256_GCM_SHA384 | |
20181211 220655.869 SSL cipher available: 1:TLS_CHACHA20_POLY1305_SHA256 | |
20181211 220655.869 SSL cipher available: 2:TLS_AES_128_GCM_SHA256 | |
20181211 220655.869 SSL cipher available: 3:ECDHE-ECDSA-AES256-GCM-SHA384 | |
20181211 220655.870 SSL cipher available: 4:ECDHE-RSA-AES256-GCM-SHA384 | |
20181211 220655.870 SSL cipher available: 5:DHE-RSA-AES256-GCM-SHA384 | |
20181211 220655.870 SSL cipher available: 6:ECDHE-ECDSA-CHACHA20-POLY1305 | |
20181211 220655.870 SSL cipher available: 7:ECDHE-RSA-CHACHA20-POLY1305 | |
20181211 220655.870 SSL cipher available: 8:DHE-RSA-CHACHA20-POLY1305 | |
20181211 220655.870 SSL cipher available: 9:ECDHE-ECDSA-AES128-GCM-SHA256 | |
20181211 220655.870 SSL cipher available: 10:ECDHE-RSA-AES128-GCM-SHA256 | |
20181211 220655.870 SSL cipher available: 11:DHE-RSA-AES128-GCM-SHA256 | |
20181211 220655.870 SSL cipher available: 12:ECDHE-ECDSA-AES256-SHA384 | |
20181211 220655.870 SSL cipher available: 13:ECDHE-RSA-AES256-SHA384 | |
20181211 220655.870 SSL cipher available: 14:DHE-RSA-AES256-SHA256 | |
20181211 220655.870 SSL cipher available: 15:ECDHE-ECDSA-AES128-SHA256 | |
20181211 220655.870 SSL cipher available: 16:ECDHE-RSA-AES128-SHA256 | |
20181211 220655.870 SSL cipher available: 17:DHE-RSA-AES128-SHA256 | |
20181211 220655.870 SSL cipher available: 18:ECDHE-ECDSA-AES256-SHA | |
20181211 220655.870 SSL cipher available: 19:ECDHE-RSA-AES256-SHA | |
20181211 220655.870 SSL cipher available: 20:DHE-RSA-AES256-SHA | |
20181211 220655.870 SSL cipher available: 21:ECDHE-ECDSA-AES128-SHA | |
20181211 220655.870 SSL cipher available: 22:ECDHE-RSA-AES128-SHA | |
20181211 220655.870 SSL cipher available: 23:DHE-RSA-AES128-SHA | |
20181211 220655.870 SSL cipher available: 24:RSA-PSK-AES256-GCM-SHA384 | |
20181211 220655.870 SSL cipher available: 25:DHE-PSK-AES256-GCM-SHA384 | |
20181211 220655.870 SSL cipher available: 26:RSA-PSK-CHACHA20-POLY1305 | |
20181211 220655.870 SSL cipher available: 27:DHE-PSK-CHACHA20-POLY1305 | |
20181211 220655.870 SSL cipher available: 28:ECDHE-PSK-CHACHA20-POLY1305 | |
20181211 220655.870 SSL cipher available: 29:AES256-GCM-SHA384 | |
20181211 220655.870 SSL cipher available: 30:PSK-AES256-GCM-SHA384 | |
20181211 220655.870 SSL cipher available: 31:PSK-CHACHA20-POLY1305 | |
20181211 220655.870 SSL cipher available: 32:RSA-PSK-AES128-GCM-SHA256 | |
20181211 220655.870 SSL cipher available: 33:DHE-PSK-AES128-GCM-SHA256 | |
20181211 220655.870 SSL cipher available: 34:AES128-GCM-SHA256 | |
20181211 220655.870 SSL cipher available: 35:PSK-AES128-GCM-SHA256 | |
20181211 220655.870 SSL cipher available: 36:AES256-SHA256 | |
20181211 220655.870 SSL cipher available: 37:AES128-SHA256 | |
20181211 220655.870 SSL cipher available: 38:ECDHE-PSK-AES256-CBC-SHA384 | |
20181211 220655.870 SSL cipher available: 39:ECDHE-PSK-AES256-CBC-SHA | |
20181211 220655.870 SSL cipher available: 40:SRP-RSA-AES-256-CBC-SHA | |
20181211 220655.870 SSL cipher available: 41:SRP-AES-256-CBC-SHA | |
20181211 220655.870 SSL cipher available: 42:RSA-PSK-AES256-CBC-SHA384 | |
20181211 220655.870 SSL cipher available: 43:DHE-PSK-AES256-CBC-SHA384 | |
20181211 220655.871 SSL cipher available: 44:RSA-PSK-AES256-CBC-SHA | |
20181211 220655.871 SSL cipher available: 45:DHE-PSK-AES256-CBC-SHA | |
20181211 220655.871 SSL cipher available: 46:AES256-SHA | |
20181211 220655.871 SSL cipher available: 47:PSK-AES256-CBC-SHA384 | |
20181211 220655.871 SSL cipher available: 48:PSK-AES256-CBC-SHA | |
20181211 220655.871 SSL cipher available: 49:ECDHE-PSK-AES128-CBC-SHA256 | |
20181211 220655.871 SSL cipher available: 50:ECDHE-PSK-AES128-CBC-SHA | |
20181211 220655.871 SSL cipher available: 51:SRP-RSA-AES-128-CBC-SHA | |
20181211 220655.871 SSL cipher available: 52:SRP-AES-128-CBC-SHA | |
20181211 220655.871 SSL cipher available: 53:RSA-PSK-AES128-CBC-SHA256 | |
20181211 220655.871 SSL cipher available: 54:DHE-PSK-AES128-CBC-SHA256 | |
20181211 220655.871 SSL cipher available: 55:RSA-PSK-AES128-CBC-SHA | |
20181211 220655.871 SSL cipher available: 56:DHE-PSK-AES128-CBC-SHA | |
20181211 220655.871 SSL cipher available: 57:AES128-SHA | |
20181211 220655.871 SSL cipher available: 58:PSK-AES128-CBC-SHA256 | |
20181211 220655.871 SSL cipher available: 59:PSK-AES128-CBC-SHA | |
20181211 220655.871 SSL handshake started write:unknown:unknown | |
20181211 220655.871 SSL state connect:before SSL initialization:(NONE) | |
20181211 220655.871 sent 0 256 buflen 5 | |
20181211 220655.871 sent 772 22 buflen 342 | |
20181211 220655.871 SSL state connect:SSLv3/TLS write client hello:(NONE) | |
20181211 220655.871 SSL connect:SSLv3/TLS write client hello | |
20181211 220655.872 received 0 256 buflen 5 | |
20181211 220655.872 SSL connect:SSLv3/TLS write client hello | |
20181211 220655.895 SSL connect:SSLv3/TLS write client hello | |
20181211 220655.895 SSL state connect:SSLv3/TLS write client hello:(NONE) | |
20181211 220655.895 received 772 22 buflen 85 | |
20181211 220655.895 SSL state connect:SSLv3/TLS read server hello:(NONE) | |
20181211 220655.895 received 771 22 buflen 4882 | |
20181211 220655.896 sent 0 256 buflen 5 | |
20181211 220655.896 sent 771 21 buflen 2 | |
20181211 220655.896 SSL alert write:fatal:unknown CA | |
20181211 220655.896 SSL connect:error | |
In ssl_error_callback with str=140219359057664:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:1924: | |
20181211 220655.896 Connecting to serverURI acsf8ikktv204-ats.iot.us-west-2.amazonaws.com:8883 with MQTT version 3 | |
20181211 220655.996 SSL cipher available: 0:TLS_AES_256_GCM_SHA384 | |
20181211 220655.996 SSL cipher available: 1:TLS_CHACHA20_POLY1305_SHA256 | |
20181211 220655.996 SSL cipher available: 2:TLS_AES_128_GCM_SHA256 | |
20181211 220655.996 SSL cipher available: 3:ECDHE-ECDSA-AES256-GCM-SHA384 | |
20181211 220655.996 SSL cipher available: 4:ECDHE-RSA-AES256-GCM-SHA384 | |
20181211 220655.996 SSL cipher available: 5:DHE-RSA-AES256-GCM-SHA384 | |
20181211 220655.996 SSL cipher available: 6:ECDHE-ECDSA-CHACHA20-POLY1305 | |
20181211 220655.996 SSL cipher available: 7:ECDHE-RSA-CHACHA20-POLY1305 | |
20181211 220655.996 SSL cipher available: 8:DHE-RSA-CHACHA20-POLY1305 | |
20181211 220655.996 SSL cipher available: 9:ECDHE-ECDSA-AES128-GCM-SHA256 | |
20181211 220655.996 SSL cipher available: 10:ECDHE-RSA-AES128-GCM-SHA256 | |
20181211 220655.996 SSL cipher available: 11:DHE-RSA-AES128-GCM-SHA256 | |
20181211 220655.996 SSL cipher available: 12:ECDHE-ECDSA-AES256-SHA384 | |
20181211 220655.996 SSL cipher available: 13:ECDHE-RSA-AES256-SHA384 | |
20181211 220655.996 SSL cipher available: 14:DHE-RSA-AES256-SHA256 | |
20181211 220655.996 SSL cipher available: 15:ECDHE-ECDSA-AES128-SHA256 | |
20181211 220655.996 SSL cipher available: 16:ECDHE-RSA-AES128-SHA256 | |
20181211 220655.996 SSL cipher available: 17:DHE-RSA-AES128-SHA256 | |
20181211 220655.996 SSL cipher available: 18:ECDHE-ECDSA-AES256-SHA | |
20181211 220655.996 SSL cipher available: 19:ECDHE-RSA-AES256-SHA | |
20181211 220655.996 SSL cipher available: 20:DHE-RSA-AES256-SHA | |
20181211 220655.996 SSL cipher available: 21:ECDHE-ECDSA-AES128-SHA | |
20181211 220655.996 SSL cipher available: 22:ECDHE-RSA-AES128-SHA | |
20181211 220655.996 SSL cipher available: 23:DHE-RSA-AES128-SHA | |
20181211 220655.996 SSL cipher available: 24:RSA-PSK-AES256-GCM-SHA384 | |
20181211 220655.996 SSL cipher available: 25:DHE-PSK-AES256-GCM-SHA384 | |
20181211 220655.996 SSL cipher available: 26:RSA-PSK-CHACHA20-POLY1305 | |
20181211 220655.996 SSL cipher available: 27:DHE-PSK-CHACHA20-POLY1305 | |
20181211 220655.996 SSL cipher available: 28:ECDHE-PSK-CHACHA20-POLY1305 | |
20181211 220655.996 SSL cipher available: 29:AES256-GCM-SHA384 | |
20181211 220655.997 SSL cipher available: 30:PSK-AES256-GCM-SHA384 | |
20181211 220655.997 SSL cipher available: 31:PSK-CHACHA20-POLY1305 | |
20181211 220655.997 SSL cipher available: 32:RSA-PSK-AES128-GCM-SHA256 | |
20181211 220655.997 SSL cipher available: 33:DHE-PSK-AES128-GCM-SHA256 | |
20181211 220655.997 SSL cipher available: 34:AES128-GCM-SHA256 | |
20181211 220655.997 SSL cipher available: 35:PSK-AES128-GCM-SHA256 | |
20181211 220655.997 SSL cipher available: 36:AES256-SHA256 | |
20181211 220655.997 SSL cipher available: 37:AES128-SHA256 | |
20181211 220655.997 SSL cipher available: 38:ECDHE-PSK-AES256-CBC-SHA384 | |
20181211 220655.997 SSL cipher available: 39:ECDHE-PSK-AES256-CBC-SHA | |
20181211 220655.997 SSL cipher available: 40:SRP-RSA-AES-256-CBC-SHA | |
20181211 220655.997 SSL cipher available: 41:SRP-AES-256-CBC-SHA | |
20181211 220655.997 SSL cipher available: 42:RSA-PSK-AES256-CBC-SHA384 | |
20181211 220655.997 SSL cipher available: 43:DHE-PSK-AES256-CBC-SHA384 | |
20181211 220655.997 SSL cipher available: 44:RSA-PSK-AES256-CBC-SHA | |
20181211 220655.997 SSL cipher available: 45:DHE-PSK-AES256-CBC-SHA | |
20181211 220655.997 SSL cipher available: 46:AES256-SHA | |
20181211 220655.997 SSL cipher available: 47:PSK-AES256-CBC-SHA384 | |
20181211 220655.997 SSL cipher available: 48:PSK-AES256-CBC-SHA | |
20181211 220655.997 SSL cipher available: 49:ECDHE-PSK-AES128-CBC-SHA256 | |
20181211 220655.998 SSL cipher available: 50:ECDHE-PSK-AES128-CBC-SHA | |
20181211 220655.998 SSL cipher available: 51:SRP-RSA-AES-128-CBC-SHA | |
20181211 220655.998 SSL cipher available: 52:SRP-AES-128-CBC-SHA | |
20181211 220655.998 SSL cipher available: 53:RSA-PSK-AES128-CBC-SHA256 | |
20181211 220655.998 SSL cipher available: 54:DHE-PSK-AES128-CBC-SHA256 | |
20181211 220655.998 SSL cipher available: 55:RSA-PSK-AES128-CBC-SHA | |
20181211 220655.998 SSL cipher available: 56:DHE-PSK-AES128-CBC-SHA | |
20181211 220655.998 SSL cipher available: 57:AES128-SHA | |
20181211 220655.998 SSL cipher available: 58:PSK-AES128-CBC-SHA256 | |
20181211 220655.998 SSL cipher available: 59:PSK-AES128-CBC-SHA | |
20181211 220655.998 SSL handshake started write:unknown:unknown | |
20181211 220655.998 SSL state connect:before SSL initialization:(NONE) | |
20181211 220655.998 sent 0 256 buflen 5 | |
20181211 220655.998 sent 772 22 buflen 342 | |
20181211 220655.998 SSL state connect:SSLv3/TLS write client hello:(NONE) | |
20181211 220655.998 SSL connect:SSLv3/TLS write client hello | |
20181211 220656.062 received 0 256 buflen 5 | |
20181211 220656.062 SSL connect:SSLv3/TLS write client hello | |
20181211 220656.062 SSL connect:SSLv3/TLS write client hello | |
20181211 220656.062 SSL state connect:SSLv3/TLS write client hello:(NONE) | |
20181211 220656.062 received 772 22 buflen 85 | |
20181211 220656.062 SSL state connect:SSLv3/TLS read server hello:(NONE) | |
20181211 220656.062 received 771 22 buflen 4882 | |
20181211 220656.062 sent 0 256 buflen 5 | |
20181211 220656.062 sent 771 21 buflen 2 | |
20181211 220656.062 SSL alert write:fatal:unknown CA | |
20181211 220656.062 SSL connect:error | |
In ssl_error_callback with str=140219359057664:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:1924: | |
Connection failed with code=-1, message=TCP/TLS connect failure | |
All finished |
@hitmon33: I haven't looked at this in a while. I think I got it working, but I moved on to other things so I don't remember exactly. There was this comment which I think may have helped: dpfrey/aws_iot_mqtt_example@fb781a7#r31916931
See also this reply by Ian Craggs to my mailing list post: https://www.eclipse.org/lists/paho-dev/msg04380.html
The problem is I can get this to work on my computer but when I cross compiled it to my controller, it didnt work and I dont know why. From the trace output, the openssl cflags seem different. I dont know if that actually effects. Anyway, thanks for the reply :)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello,
I have a similar issue where it keeps saying unknow CA or bad certificate when I tried to combine keyStore (cert.pem), privateKey(private.key) and trustStore(CA.pem)
I am just wondering if you have fixed this issue? Thank you!