

Azure IoT Hub に paho で pub/sub (CA 認証)


こちらのプログラムを SAS トークンから CA 認証に変更しました。
Azure IoT Hub に paho で pub/sub

次のファイルが必要です。

/etc/ssl/certs/Baltimore_CyberTrust_Root.pem
devicethird.pem
devicethird.key

devicethird.pem (デバイス証明書) と devicethird.key (その秘密鍵) は openssl で作成します。

publish_ca.py
#! /usr/bin/python
#
#   publish_ca.py
#
#                       Jan/19/2020
# ------------------------------------------------------------------
import sys
from paho.mqtt import client as mqtt
import ssl

# ------------------------------------------------------------------
# Hub name (the host label in front of ".azure-devices.net") and the device id
# that this script uses as MQTT client id, in the username and in the topic.
iot_hub_name = "iot-bb"
device_id = "shimizu"
# Root CA file passed to tls_set(ca_certs=...) to validate the broker's
# certificate chain.
# NOTE(review): trust is pinned to this single root. Microsoft has announced
# moving IoT Hub endpoints to the DigiCert Global Root G2 chain; confirm which
# root the hub currently presents, otherwise the TLS handshake will fail.
path_to_root_cert = "/etc/ssl/certs/Baltimore_CyberTrust_Root.pem"


# ------------------------------------------------------------------
def on_connect(client, userdata, flags, rc):
    """Report the result code delivered with the connect callback.

    Only prints; a non-zero code (connection refused by the broker) is not
    acted on here.
    """
    print("Device connected with result code: ", rc, sep="")


def on_disconnect(client, userdata, rc):
    """Report the result code delivered with the disconnect callback."""
    line = "Device disconnected with result code: " + str(rc)
    print(line)


def on_publish(client, userdata, mid):
    """Announce that the publish callback fired; the message id is not shown."""
    notice = "Device sent message"
    print(notice)

# ------------------------------------------------------------------
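sys.stderr.write("*** 開始 ***\n")

client = mqtt.Client(client_id=device_id, protocol=mqtt.MQTTv311)

client.on_connect = on_connect
client.on_disconnect = on_disconnect
client.on_publish = on_publish

# Certificate authentication: the username names the hub and the device, and
# no password is set. The device is identified by the client certificate
# presented during the TLS handshake.
client.username_pw_set(username=iot_hub_name+".azure-devices.net/" +
                       device_id + "/?api-version=2020-03-13", password=None)

# Device certificate and its private key, both read from the working directory.
# NOTE(review): the key file is the device's credential; keep it readable only
# by the account that runs this script.
cert_file = "./devicethird.pem"
key_file = "./devicethird.key"

try:
    # CERT_REQUIRED makes the broker certificate validate against
    # path_to_root_cert; the protocol constant pins the session to TLS 1.2.
    client.tls_set(
        ca_certs=path_to_root_cert,
        certfile=cert_file,
        keyfile=key_file,
        cert_reqs=ssl.CERT_REQUIRED,
        tls_version=ssl.PROTOCOL_TLSv1_2,
        ciphers=None,
    )
except Exception as ee:
    sys.stderr.write("*** error *** in client.tls_set ***\n")
    sys.stderr.write(str(ee) + "\n")
    # Fail closed: without a configured TLS context the client must not go on
    # to open a connection, so stop here instead of falling through.
    sys.exit(1)

client.connect(iot_hub_name+".azure-devices.net", port=8883)

# NOTE(review): no network loop (loop_start()/loop_forever()) runs in this
# script, so the broker's replies are never read: the callbacks registered
# above do not fire and the QoS 1 delivery is unconfirmed when the script ends.
client.publish("devices/" + device_id + "/messages/events/", "{id=123}", qos=1)

sys.stderr.write("*** 終了 ***\n")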
# ------------------------------------------------------------------
subscribe_ca.py
#! /usr/bin/python
#
#   subscribe_ca.py
#
#                   Jan/19/2021
# ------------------------------------------------------------------
import sys
from paho.mqtt import client as mqtt
import ssl

# ------------------------------------------------------------------
# Hub name and device id; the device id is also the MQTT client id.
iot_hub_name = "iot-bb"
device_id = "shimizu"
# Root CA file passed to tls_set(ca_certs=...) to validate the broker's
# certificate chain.
# NOTE(review): trust is pinned to this single root. Microsoft has announced
# moving IoT Hub endpoints to the DigiCert Global Root G2 chain; confirm which
# root the hub currently presents, otherwise the TLS handshake will fail.
path_to_root_cert = "/etc/ssl/certs/Baltimore_CyberTrust_Root.pem"

# Topic filter for messages addressed to this device; the trailing "#" is the
# MQTT multi-level wildcard.
topic = "".join(('devices/', device_id, '/messages/devicebound/#'))

# Echo the filter on stderr so the operator can see what will be subscribed.
print(topic, file=sys.stderr)
# ------------------------------------------------------------------

def on_disconnect(client, userdata, rc):
    """Write the disconnect result code to standard output."""
    sys.stdout.write("Device disconnected with result code: " + str(rc) + "\n")

def on_publish(client, userdata, mid):
    """Announce a completed publish.

    The publish call in this script is commented out, so this callback is
    registered but not expected to fire.
    """
    sys.stdout.write("Device sent message" + "\n")

# ------------------------------------------------------------------
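def on_connect(client, userdata, flags, respons_code):
    """Subscribe to the device-bound topic once the broker accepts the session.

    A non-zero result code means the broker refused the connection (for
    example because the client certificate was not accepted). That case is
    reported on stderr and no subscription is attempted, so an authentication
    failure is visible instead of silently leaving the script without messages.
    """
    if respons_code != 0:
        sys.stderr.write("*** error *** in on_connect *** result code: "
                         + str(respons_code) + "\n")
        return
    # Subscribing here rather than after connect() means the subscription is
    # issued again each time this callback runs.
    client.subscribe(topic)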

# ------------------------------------------------------------------
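def on_message(client, userdata, msg):
    """Print the topic and payload of a received message.

    The payload comes from outside the device and need not be valid UTF-8.
    Undecodable bytes are shown as backslash escapes instead of raising
    UnicodeDecodeError inside the callback, so one malformed message does not
    end the receive loop. Valid UTF-8 payloads print exactly as before.
    """
    sys.stderr.write("***on_message ***\n")
    text = msg.payload.decode('utf-8', errors='backslashreplace')
    print(msg.topic + ' ' + text)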

# ------------------------------------------------------------------
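sys.stderr.write("*** 開始 ***\n")

client = mqtt.Client(client_id=device_id, protocol=mqtt.MQTTv311)

client.on_connect = on_connect
client.on_disconnect = on_disconnect
client.on_publish = on_publish
client.on_message = on_message

# Certificate authentication: the username names the hub and the device, and
# no password is set. The device is identified by the client certificate
# presented during the TLS handshake.
client.username_pw_set(username=iot_hub_name+".azure-devices.net/" +
    device_id + "/?api-version=2020-03-13", password=None)

# Device certificate and its private key, both read from the working directory.
# NOTE(review): the key file is the device's credential; keep it readable only
# by the account that runs this script.
cert_file = "./devicethird.pem"
key_file = "./devicethird.key"

try:
    # CERT_REQUIRED makes the broker certificate validate against
    # path_to_root_cert; the protocol constant pins the session to TLS 1.2.
    client.tls_set(
        ca_certs=path_to_root_cert,
        certfile=cert_file,
        keyfile=key_file,
        cert_reqs=ssl.CERT_REQUIRED,
        tls_version=ssl.PROTOCOL_TLSv1_2,
        ciphers=None,
    )
except Exception as ee:
    sys.stderr.write("*** error *** in client.tls_set ***\n")
    sys.stderr.write(str(ee) + "\n")
    # Fail closed: without a configured TLS context the client must not go on
    # to open a connection, so stop here instead of falling through.
    sys.exit(1)

host = iot_hub_name + '.azure-devices.net'
port = 8883

try:
    # Use the port variable defined above rather than repeating the literal.
    client.connect(host, port=port)
    # Blocks and dispatches the callbacks until the client disconnects.
    client.loop_forever()
except Exception as ee:
    sys.stderr.write("*** error *** in client.connect ***\n")
    sys.stderr.write(str(ee) + "\n")

# The end marker is written once; the listing repeated this line.
sys.stderr.write("*** 終了 ***\n")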
# ------------------------------------------------------------------

参考ページ
TLS または SSL の構成
