[PYTHON] Pub/sub (CA certificate) with paho on Azure IoT Hub

This is the program from the article below, changed from SAS-token authentication to CA-certificate (X.509) authentication: Pub/sub on Azure IoT Hub with paho (https://qiita.com/ekzemplaro/items/5bb6c666d9ddb0127a0f)

You need the following files:

/etc/ssl/certs/Baltimore_CyberTrust_Root.pem
devicethird.pem
devicethird.key

The devicethird.* files are created with openssl.

publish_ca.py


#! /usr/bin/python
#
#	publish_ca.py
#
#						Jan/19/2020
# ------------------------------------------------------------------
import sys
from paho.mqtt import client as mqtt
import ssl

# ------------------------------------------------------------------
# IoT Hub name and device identity (the sample values used in this article).
iot_hub_name = "iot-bb"
device_id = "shimizu"

# Root CA file handed to tls_set() as ca_certs, i.e. the trust anchor the
# hub's server certificate is verified against.
# NOTE(review): Azure has moved IoT Hub server certificates from the Baltimore
# CyberTrust Root to the DigiCert Global Root G2 chain -- confirm which root
# the hub presents today and point this path at the matching PEM file.
path_to_root_cert = "/etc/ssl/certs/Baltimore_CyberTrust_Root.pem"


# ------------------------------------------------------------------
def on_connect(client, userdata, flags, rc):
    """Print the result code the broker returned for the connect request.

    The text says "connected" for every code, so the code itself is what
    matters: in MQTT 3.1.1 only 0 means the session was accepted, and any
    other value is a refusal (for example 5, not authorized).
    """
    outcome = str(rc)
    print("Device connected with result code: " + outcome)


def on_disconnect(client, userdata, rc):
    """Print the result code paho passes when the connection ends."""
    print("Device disconnected with result code: {}".format(rc))


def on_publish(client, userdata, mid):
    """Print a fixed notice when paho invokes the publish callback.

    The message id *mid* is accepted but not used.
    """
    notice = "Device sent message"
    print(notice)

# ------------------------------------------------------------------
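sys.stderr.write("***start***\n")

client = mqtt.Client(client_id=device_id, protocol=mqtt.MQTTv311)

client.on_connect = on_connect
client.on_disconnect = on_disconnect
client.on_publish = on_publish

# X.509 authentication: the username names the hub and the device, the
# password stays unset, and the device is identified by the client
# certificate configured below.
client.username_pw_set(username=iot_hub_name+".azure-devices.net/" +
                       device_id + "/?api-version=2020-03-13", password=None)

# Device certificate and private key. The key file is the device's credential:
# keep it readable only by the account that runs this script.
cert_file = "./devicethird.pem"
key_file = "./devicethird.key"

try:
    # CERT_REQUIRED makes the client verify the hub's server certificate
    # against ca_certs; the certfile/keyfile pair is the device's own identity.
    client.tls_set(ca_certs=path_to_root_cert, certfile=cert_file, keyfile=key_file,
                   cert_reqs=ssl.CERT_REQUIRED, tls_version=ssl.PROTOCOL_TLSv1_2, ciphers=None)
except Exception as ee:
    sys.stderr.write("*** error *** in client.tls_set ***\n")
    sys.stderr.write(str(ee) + "\n")
    # Fail closed: without a working TLS configuration there is no verified,
    # authenticated channel, so do not go on to connect.
    sys.exit(1)

# Upper bound on network-loop passes while waiting for the acknowledgement;
# each pass blocks for at most one second.
max_loop_passes = 30

try:
    client.connect(iot_hub_name+".azure-devices.net", port=8883)

    message_info = client.publish("devices/" + device_id + "/messages/events/", "{id=123}", qos=1)

    # Incoming packets (CONNACK, PUBACK) are only processed while the network
    # loop runs, so drive it until the QoS 1 message is acknowledged. The
    # bound keeps a refused connection from hanging the script.
    for _ in range(max_loop_passes):
        if message_info.is_published():
            break
        client.loop(timeout=1.0)

    if not message_info.is_published():
        sys.stderr.write("*** error *** message was not acknowledged ***\n")

    client.disconnect()
except Exception as ee:
    sys.stderr.write("*** error *** in client.connect ***\n")
    sys.stderr.write(str(ee) + "\n")
    sys.exit(1)

sys.stderr.write("***End***\n")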
# ------------------------------------------------------------------

subscribe_ca.py


#! /usr/bin/python
#
#	subscribe_ca.py
#
#					Jan/19/2021
# ------------------------------------------------------------------
import sys
from paho.mqtt import client as mqtt
import ssl

# ------------------------------------------------------------------
# IoT Hub name and device identity (the sample values used in this article).
iot_hub_name = "iot-bb"
device_id = "shimizu"

# Root CA file handed to tls_set() as ca_certs, i.e. the trust anchor the
# hub's server certificate is verified against.
# NOTE(review): Azure has moved IoT Hub server certificates from the Baltimore
# CyberTrust Root to the DigiCert Global Root G2 chain -- confirm which root
# the hub presents today and point this path at the matching PEM file.
path_to_root_cert = "/etc/ssl/certs/Baltimore_CyberTrust_Root.pem"

# Topic filter for messages addressed to this device; '#' matches every
# sub-topic below devicebound/.
topic = f"devices/{device_id}/messages/devicebound/#"

# Echo the filter on stderr so the operator can see what will be subscribed.
sys.stderr.write(f"{topic}\n")
# ------------------------------------------------------------------

def on_disconnect(client, userdata, rc):
    """Print the result code paho passes when the connection ends."""
    code_text = str(rc)
    print("Device disconnected with result code: " + code_text)

def on_publish(client, userdata, mid):
    """Print a fixed notice when paho invokes the publish callback.

    The callback is registered, but the only publish call in this script is
    commented out. The message id *mid* is accepted but not used.
    """
    notice = "Device sent message"
    print(notice)

# ------------------------------------------------------------------
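def on_connect(client, userdata, flags, respons_code):
    """Subscribe to the device-bound topic once the hub accepts the connection.

    In MQTT 3.1.1 only result code 0 means the session was accepted. Any
    other code is a refusal (for example 5, not authorized), which is how a
    rejected device identity typically surfaces, so it is reported on stderr
    instead of being dropped silently, and no subscription is attempted on a
    refused session.

    Args:
        client: the paho client that received the CONNACK.
        userdata: user data set on the client (unused).
        flags: response flags sent by the broker (unused).
        respons_code: the CONNACK result code.
    """
    if respons_code != 0:
        sys.stderr.write("*** error *** in on_connect *** result code: "
                         + str(respons_code) + "\n")
        return
    client.subscribe(topic)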

# ------------------------------------------------------------------
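def on_message(client, userdata, msg):
    """Print a received cloud-to-device message as "<topic> <payload>".

    The payload arrives from the network as bytes and is not guaranteed to be
    valid UTF-8. Undecodable bytes are replaced with U+FFFD rather than
    raising UnicodeDecodeError inside the callback, where a single malformed
    message could otherwise take the receive loop down.

    Args:
        client: the paho client that received the message (unused).
        userdata: user data set on the client (unused).
        msg: the received message; its ``topic`` and ``payload`` are read.
    """
    sys.stderr.write("***on_message ***\n")
    text = msg.payload.decode("utf-8", errors="replace")
    print(msg.topic + ' ' + text)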

# ------------------------------------------------------------------
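sys.stderr.write("***start***\n")

client = mqtt.Client(client_id=device_id, protocol=mqtt.MQTTv311)

client.on_connect = on_connect
client.on_disconnect = on_disconnect
client.on_publish = on_publish
client.on_message = on_message

# X.509 authentication: the username names the hub and the device, the
# password stays unset, and the device is identified by the client
# certificate configured below.
client.username_pw_set(username=iot_hub_name+".azure-devices.net/" +
                       device_id + "/?api-version=2020-03-13", password=None)

# Device certificate and private key. The key file is the device's credential:
# keep it readable only by the account that runs this script.
cert_file = "./devicethird.pem"
key_file = "./devicethird.key"

try:
    # CERT_REQUIRED makes the client verify the hub's server certificate
    # against ca_certs; the certfile/keyfile pair is the device's own identity.
    client.tls_set(ca_certs=path_to_root_cert, certfile=cert_file, keyfile=key_file,
                   cert_reqs=ssl.CERT_REQUIRED, tls_version=ssl.PROTOCOL_TLSv1_2, ciphers=None)
except Exception as ee:
    sys.stderr.write("*** error *** in client.tls_set ***\n")
    sys.stderr.write(str(ee) + "\n")
    # Fail closed: without a working TLS configuration there is no verified,
    # authenticated channel, so do not go on to connect.
    sys.exit(1)

host = iot_hub_name + '.azure-devices.net'
port = 8883

try:
    client.connect(host, port=port)
    # Blocks and dispatches the callbacks; on_connect issues the subscription.
    client.loop_forever()
except Exception as ee:
    sys.stderr.write("*** error *** in client.connect ***\n")
    sys.stderr.write(str(ee) + "\n")
#
sys.stderr.write("***End***\n")
# ------------------------------------------------------------------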

Reference page: Configure TLS or SSL (https://docs.microsoft.com/ja-jp/azure/iot-hub/iot-hub-mqtt-support#tlsssl-configuration)
