I've provisioned a device in AWS with device Certificate which is signed by my CA. Also, I've registered my CA along with verificationCert in AWS previously.
Now when I send the data, In the options,
var awsIot = require('aws-iot-device-sdk');
var device = awsIot.device({
privateKey: '--BEGIN RSA PRIVATE KEY--', //private key of my device
clientCert: '--BEGIN CERTIFICATE --', //cat deviceCertificate and registered CA
caCert: '--BEGIN CERTIFICATE--', //Amazon root CA
clientId: 'Thing01',
region: 'us-west-2',
host: xxxxxxxx.iot.us-west-2.amazonaws.com,
secretKey: 'dcvevv',
accessKeyId: 'ferferer'
});
device.on('connect',function(err){
device.publish('$aws/things/Thing01/shadow/update',JSON.stringify({
"state" :{
"desired": {
"color": "blue"
}
}
})
);
})
I'm getting below error
throw new Error(exceptions.INVALID_CA_CERT_OPTION); ^ Error: Invalid "caCert" option supplied.
Can anyone let me know where I'm doing wrong in the above code snippet?
Edit1: After making corrections in the options, below is the code:
var awsIot = require('aws-iot-device-sdk');
var device = awsIot.device({
host:'xxxxx.iot.us-west-2.amazonaws.com',
keyPath : './certs/deviceTest/5e2570c0605418.key',
certPath : './certs/deviceTest/5e2570c0605418AndCA.crt', //cat of device and Registered CA
caPath : './certs/rootCA.pem', //public cert of AWS root CA1
clientId: 'ManualDevice_01', //ThingName
region : 'us-west-2',
secretKey: 'xxxxxxxxxxxx',
accessKeyId: 'xxxxxxxxxxxxxxxx'
});
console.log("Invoking on connect");
device.on('connect',function(error ){
console.log("In on connect !!");
if(error)
console.log('could not connect');
device.publish('$aws/things/ManualDevice_01/shadow/update',JSON.stringify({
"state" : {
"desired" : {
"color" : "pink",
"power" : "off",
"val":"1"
}
}
} ), function(err){
if(err)
console.log("Could not send : Error : "+err)
else
{
console.log("Sent data")
}
}
);
console.log('Message sent........')
})
device.on('message',function(topic,payload){
console.log('message',topic,payload.toString());
})
The statements inside device.on('connect') are not getting executed. I could see only "Invoking on connect" being printed
Edit 2: Issue is resolved!!!
While creating a device, I have to attach Policy to it. Then I'm able to send the data in above specified way through MQTT with certificates.
The doc implies you should be passing paths to the files for the TLS certificate's and key.
e.g.
var device = awsIot.device({
keyPath: <YourPrivateKeyPath>,
certPath: <YourCertificatePath>,
caPath: <YourRootCACertificatePath>,
clientId: <YourUniqueClientIdentifier>,
host: <YourCustomEndpoint>
});
Later on in the same doc it says caCert
can be a buffer (not a String)
caCert
: same as caPath, but can also accept a buffer containing CA certificate data
This means you will need to decode the string value first.