This program is a version of "Publish/sub on Azure IoT Hub with paho" (https://qiita.com/ekzemplaro/items/5bb6c666d9ddb0127a0f) that has been changed from SAS token authentication to CA (X.509 certificate) authentication.
You need the following files:
/etc/ssl/certs/Baltimore_CyberTrust_Root.pem
devicethird.pem
devicethird.key
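The devicethird.* files are created with openssl. devicethird.key is the device's private key, so keep it readable only by the account that runs these scripts.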
publish_ca.py
#! /usr/bin/python
#
# publish_ca.py
#
# Jan/19/2020
# ------------------------------------------------------------------
import sys
from paho.mqtt import client as mqtt
import ssl
# ------------------------------------------------------------------
# Connection settings for this sample: the hub to talk to and the device
# identity registered on that hub.
iot_hub_name = "iot-bb"
device_id = "shimizu"
# CA certificate used to verify the IoT Hub server certificate.
# NOTE(review): Azure IoT Hub has moved its server certificates from the
# Baltimore CyberTrust Root to DigiCert Global Root G2 - confirm which root
# your hub chains to before relying on this file.
path_to_root_cert = "/etc/ssl/certs/Baltimore_CyberTrust_Root.pem"
# ------------------------------------------------------------------
def on_connect(client, userdata, flags, rc):
    """Print the result code the broker returned for the connection attempt."""
    print(f"Device connected with result code: {rc!s}")
def on_disconnect(client, userdata, rc):
    """Print the result code reported when the connection is closed."""
    print(f"Device disconnected with result code: {rc!s}")
def on_publish(client, userdata, mid):
    """Print a fixed notice when paho invokes the publish callback."""
    notice = "Device sent message"
    print(notice)
# ------------------------------------------------------------------
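sys.stderr.write("***start***\n")
# NOTE(review): this listing uses the paho-mqtt 1.x constructor and callback
# signatures; paho-mqtt 2.x additionally expects a callback_api_version here.
client = mqtt.Client(client_id=device_id, protocol=mqtt.MQTTv311)
client.on_connect = on_connect
client.on_disconnect = on_disconnect
client.on_publish = on_publish

# With certificate authentication only the username is set; the password
# stays empty because the client certificate is the credential.
client.username_pw_set(
    username=iot_hub_name + ".azure-devices.net/" + device_id + "/?api-version=2020-03-13",
    password=None,
)

# Device certificate and its private key. The key file is the device's
# credential: keep it out of version control and readable only by this user.
cert_file = "./devicethird.pem"
key_file = "./devicethird.key"
try:
    client.tls_set(
        ca_certs=path_to_root_cert,
        certfile=cert_file,
        keyfile=key_file,
        cert_reqs=ssl.CERT_REQUIRED,  # always verify the server certificate
        tls_version=ssl.PROTOCOL_TLSv1_2,
        ciphers=None,
    )
except Exception as ee:
    sys.stderr.write("*** error *** in client.tls_set ***\n")
    sys.stderr.write(str(ee) + "\n")
    # Fail closed: never go on to connect with a client whose TLS
    # configuration was not applied.
    sys.exit(1)

client.connect(iot_hub_name + ".azure-devices.net", port=8883)
pub_info = client.publish("devices/" + device_id + "/messages/events/", "{id=123}", qos=1)

# publish() only hands the message to the client. Drive the network loop for
# a bounded time (about 10 s) so the CONNACK and the QoS 1 PUBACK are
# processed and the callbacks above actually run before the script exits.
for _ in range(50):
    if pub_info.is_published():
        break
    client.loop(timeout=0.2)
else:
    sys.stderr.write("*** error *** message was not acknowledged ***\n")

client.disconnect()
sys.stderr.write("***End***\n")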
# ------------------------------------------------------------------
subscribe_ca.py
#! /usr/bin/python
#
# subscribe_ca.py
#
# Jan/19/2021
# ------------------------------------------------------------------
import sys
from paho.mqtt import client as mqtt
import ssl
# ------------------------------------------------------------------
# Connection settings for this sample: the hub to talk to and the device
# identity registered on that hub.
iot_hub_name = "iot-bb"
device_id = "shimizu"
# CA certificate used to verify the IoT Hub server certificate.
# NOTE(review): Azure IoT Hub has moved its server certificates from the
# Baltimore CyberTrust Root to DigiCert Global Root G2 - confirm which root
# your hub chains to before relying on this file.
path_to_root_cert = "/etc/ssl/certs/Baltimore_CyberTrust_Root.pem"
# Cloud-to-device topic filter for this device; echoed to stderr at start-up.
topic = f"devices/{device_id}/messages/devicebound/#"
sys.stderr.write(f"{topic}\n")
# ------------------------------------------------------------------
def on_disconnect(client, userdata, rc):
    """Print the result code reported when the connection is closed."""
    print(f"Device disconnected with result code: {rc!s}")
def on_publish(client, userdata, mid):
    """Print a fixed notice when paho invokes the publish callback."""
    notice = "Device sent message"
    print(notice)
# ------------------------------------------------------------------
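def on_connect(client, userdata, flags, respons_code):
    """Subscribe to the device-bound topic once the broker accepts the connection.

    A non-zero result code means the broker refused the connection (for
    example because the client certificate was rejected). In that case the
    code is reported on stderr and no subscription is attempted, so a failed
    authentication is visible instead of passing silently.
    """
    if respons_code != 0:
        sys.stderr.write("*** error *** connection refused: " + str(respons_code) + " ***\n")
        return
    client.subscribe(topic)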
# ------------------------------------------------------------------
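def on_message(client, userdata, msg):
    """Print the topic and payload of a received cloud-to-device message.

    The payload arrives from the network, so it is decoded defensively:
    bytes that are not valid UTF-8 are replaced with U+FFFD rather than
    raising UnicodeDecodeError inside the callback, which would otherwise
    let one malformed message interrupt the subscriber.
    """
    sys.stderr.write("***on_message ***\n")
    text = msg.payload.decode('utf-8', errors='replace')
    print(msg.topic + ' ' + text)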
# ------------------------------------------------------------------
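sys.stderr.write("***start***\n")
# NOTE(review): this listing uses the paho-mqtt 1.x constructor and callback
# signatures; paho-mqtt 2.x additionally expects a callback_api_version here.
client = mqtt.Client(client_id=device_id, protocol=mqtt.MQTTv311)
client.on_connect = on_connect
client.on_disconnect = on_disconnect
client.on_publish = on_publish
client.on_message = on_message

# With certificate authentication only the username is set; the password
# stays empty because the client certificate is the credential.
client.username_pw_set(
    username=iot_hub_name + ".azure-devices.net/" + device_id + "/?api-version=2020-03-13",
    password=None,
)

# Device certificate and its private key. The key file is the device's
# credential: keep it out of version control and readable only by this user.
cert_file = "./devicethird.pem"
key_file = "./devicethird.key"
try:
    client.tls_set(
        ca_certs=path_to_root_cert,
        certfile=cert_file,
        keyfile=key_file,
        cert_reqs=ssl.CERT_REQUIRED,  # always verify the server certificate
        tls_version=ssl.PROTOCOL_TLSv1_2,
        ciphers=None,
    )
except Exception as ee:
    sys.stderr.write("*** error *** in client.tls_set ***\n")
    sys.stderr.write(str(ee) + "\n")
    # Fail closed: never go on to connect with a client whose TLS
    # configuration was not applied.
    sys.exit(1)

host = iot_hub_name + '.azure-devices.net'
port = 8883  # MQTT over TLS
try:
    client.connect(host, port=port)
    # Blocks and dispatches the callbacks until the client disconnects.
    client.loop_forever()
except Exception as ee:
    sys.stderr.write("*** error *** in client.connect ***\n")
    sys.stderr.write(str(ee) + "\n")

# Written once; the listing repeated this end marker.
sys.stderr.write("***End***\n")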
# ------------------------------------------------------------------
Reference page: Configure TLS or SSL (https://docs.microsoft.com/ja-jp/azure/iot-hub/iot-hub-mqtt-support#tlsssl-configuration)