Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Certificate issues abound

See original GitHub issue

Worked through this several times and get nothing but cert issues whether running the examples or using a basic test JS. Not really sure where to go from here with this.

Cert is created in the console, policy attached as well as a couple of devices.

Using this:

openssl s_client -connect custom_endpoint.iot.us-west-2.amazonaws.com:8443 -CAfile CA.pem -cert cert.pem -key privateKey.pem

seems to work without failing, but running the device-example.js produces this:

❯ node node_modules/aws-iot-device-sdk/examples/device-example.js -f ./certs --test-mode=1                                                             

error { Error: write EPROTO 140735163940864:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/s3_pkt.c:1472:SSL alert
 number 46
140735163940864:error:1409E0E5:SSL routines:ssl3_write_bytes:ssl handshake failure:../deps/openssl/openssl/ssl/s3_pkt.c:656:

    at exports._errnoException (util.js:1012:11)
    at WriteWrap.afterWrite (net.js:793:14) code: 'EPROTO', errno: 'EPROTO', syscall: 'write' }
offline
close
reconnect

Issue Analytics

State:
Created 7 years ago
Comments:11 (2 by maintainers)

Top GitHub Comments

7reactions

lusentiscommented, Oct 10, 2017

Just experienced the same issue. We found out that we forgot to activate the certificate from the console…

0reactions

mattmeyecommented, Aug 11, 2017

I have the same error - and i’m not behind a proxy.

{ clientId: ‘xxx’, clientCert: <Buffer 2d 2d 2d 2d 2d 42 45 47 49 4e 20 43 45 52 54 49 46 49 43 41 54 45 2d 2d 2d 2d 2d 0a 4d 49 49 44 57 6a 43 43 41 6b 4b 67 41 77 49 42 41 67 49 56 41 49 … >, privateKey: <Buffer 2d 2d 2d 2d 2d 42 45 47 49 4e 20 52 53 41 20 50 52 49 56 41 54 45 20 4b 45 59 2d 2d 2d 2d 2d 0a 4d 49 49 45 70 41 49 42 41 41 4b 43 41 51 45 41 73 76 … >, caCert: <Buffer 2d 2d 2d 2d 2d 42 45 47 49 4e 20 43 45 52 54 49 46 49 43 41 54 45 2d 2d 2d 2d 2d 4d 49 49 45 30 7a 43 43 41 37 75 67 41 77 49 42 41 67 49 51 47 4e 72 … >, host: ‘xxx’, region: ‘eu-central-1’, debug: true, reconnectPeriod: 1000, fastDisconnectDetection: true, protocol: ‘mqtts’, port: 8883, ca: <Buffer 2d 2d 2d 2d 2d 42 45 47 49 4e 20 43 45 52 54 49 46 49 43 41 54 45 2d 2d 2d 2d 2d 4d 49 49 45 30 7a 43 43 41 37 75 67 41 77 49 42 41 67 49 51 47 4e 72 … >, key: <Buffer 2d 2d 2d 2d 2d 42 45 47 49 4e 20 52 53 41 20 50 52 49 56 41 54 45 20 4b 45 59 2d 2d 2d 2d 2d 0a 4d 49 49 45 70 41 49 42 41 41 4b 43 41 51 45 41 73 76 … >, cert: <Buffer 2d 2d 2d 2d 2d 42 45 47 49 4e 20 43 45 52 54 49 46 49 43 41 54 45 2d 2d 2d 2d 2d 0a 4d 49 49 44 57 6a 43 43 41 6b 4b 67 41 77 49 42 41 67 49 56 41 49 … >, requestCert: true, rejectUnauthorized: true }

windows 10, node 8.2.1

@sandangel what do you mean with register caCert ? download? or call specific funtion? upload the symantec certificate into aws iot certificates?