tls invalid key heartache. #15569
Unanswered
Trackguardian1 asked this question in Libraries & Drivers
Replies: 2 comments 4 replies
Edit your code following the guidelines in the
Hey, I just had a very similar issue with a Pico W and AWS IoT as well. I described it here: #15674
I am trying to create a connection to an MQTT server in AWS (a thing). I have a regular Python script that seems to work just great, but try as I like I just can't get past invalid key on MicroPython.
I am using the very latest preview:
MicroPython v1.24.0-preview.149.g6007f3e20 on 2024-07-26; Raspberry Pi Pico W with RP2040
I have tried both PEM and DER certs but all the same. I understand that ssl has been deprecated into tls now, and I always fail on `context.load_cert_chain(cert_data, key_data)`.
Here is an example of what I am doing to try and connect; again, my certs work as .pem files in normal Python.
```python
import tls
import socket

# Load the DER formatted files
with open("/cert/certificate.der", "rb") as cert_file:
    cert_data = cert_file.read()
with open("/cert/private_key.der", "rb") as key_file:
    key_data = key_file.read()
with open("/cert/ca_certificate.der", "rb") as ca_file:
    ca_data = ca_file.read()

print("Certificate length:", len(cert_data))
print("Private key length:", len(key_data))
print("CA certificate length:", len(ca_data))

# Create and configure SSL context
context = tls.SSLContext(tls.PROTOCOL_TLS_CLIENT)
context.set_ciphers(["TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384"])

# Attempt to load the certificates and key
try:
    context.load_cert_chain(cert_data, key_data)
    context.load_verify_locations(ca_data)
    print("Certificates loaded successfully.")
except ValueError as e:
    print(f"Error loading certificates: {e}")
except Exception as e:
    print(f"Unexpected error loading certificates: {e}")

# Create a socket and wrap it with SSL
try:
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    ssl_sock = context.wrap_socket(sock, server_hostname="myurl.net")
    ssl_sock.connect(("18.132.144.20", 443))
    print("SSL connection established successfully.")
except Exception as e:
    print(f"Error establishing SSL connection: {e}")
```
This returns:

```
>>> %Run -c $EDITOR_CONTENT
MPY: soft reboot
Certificate length: 861
Private key length: 1217
CA certificate length: 837
Error loading certificates: invalid key
Error establishing SSL connection: [Errno 107] ENOTCONN
```
I am really pulling out my hair on this one. Does anyone have a tls example that works, if it works with AWS that would be even better.
Thanks in advance
Gus
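
One way to check which container a DER private-key file actually holds (PKCS#1, PKCS#8 or SEC1) before handing it to `load_cert_chain`, as an added example that is not part of the original post and does not establish the cause of the error reported above. `read_tlv`, `classify_key`, `tlv` and the `SAMPLE_*` values are names invented here, and the samples are constructed skeletons, not real keys.

```python
RSA_OID = bytes.fromhex("2a864886f70d010101")  # rsaEncryption
EC_OID = bytes.fromhex("2a8648ce3d0201")       # id-ecPublicKey

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                     # short-form length
        length = first
    else:                                # long form: next n bytes hold the length
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("bad length field")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("element runs past end of data")
    return tag, pos, pos + length

def classify_key(data):
    """Name the private-key container in data without decoding the key itself."""
    if data.lstrip()[:10] == b"-----BEGIN":
        return "PEM text, not DER"
    try:
        tag, start, end = read_tlv(data, 0)
        if tag != 0x30:
            return "not a DER SEQUENCE"
        if end != len(data):
            return "DER with trailing bytes"
        vtag, _, vend = read_tlv(data, start)    # version INTEGER
        ntag, nstart, _ = read_tlv(data, vend)   # element after the version
        kinds = {0x02: "PKCS#1 RSAPrivateKey", 0x04: "SEC1 ECPrivateKey"}
        if vtag == 0x02 and ntag in kinds:
            return kinds[ntag]
        if vtag == 0x02 and ntag == 0x30:        # PKCS#8 AlgorithmIdentifier
            _, ostart, oend = read_tlv(data, nstart)
            alg = {RSA_OID: "RSA", EC_OID: "EC"}.get(bytes(data[ostart:oend]), "other")
            return "PKCS#8 PrivateKeyInfo (" + alg + ")"
    except ValueError as e:
        return "malformed DER: " + str(e)
    return "unknown structure"

def tlv(tag, body):  # sample builder, short-form lengths only
    return bytes([tag, len(body)]) + body
# Constructed skeletons with dummy values (not real keys).
SAMPLE_PKCS1 = tlv(0x30, tlv(0x02, b"\x00") + tlv(0x02, b"\x01\x23"))
SAMPLE_PKCS8 = tlv(0x30, tlv(0x02, b"\x00") + tlv(0x30, tlv(0x06, RSA_OID)
                   + tlv(0x05, b"")) + tlv(0x04, SAMPLE_PKCS1))
```

On a desktop, `classify_key(open("private_key.der", "rb").read())` can be run against the same file that is copied to the board.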