DTLS and x509
Closed this issue · 3 comments
Hello,
I am trying to connect with leshan client demo to emqx with DTLS. I am following the steps in of x509 part:
https://github.com/eclipse/leshan/wiki/Credential-files-format
In order to launch the leshan client demo I have to pass ccert, cprik, scert. I generate only ccert and cprik and I am not sure where to get scert .der file. I found the cacert.pem in emqx/etc/certs the file cacert.pem and I tried to convert it to .der with command:
openssl x509 -outform der -in cacert.pem -out serverCert.der
However if I pass this serverCert.der file to leshan client demo I get error:
java -jar leshan-client-demo.jar -n hitx -u 192.168.1.100:5683 -ccert crtx509/self_signed_cert.der -cprik crtx509/cprik.der -scert crtx509_emq/serverCert.der
Unable to load X509 files : X.509 algorithm is not supported, Only EC algorithm is supported java.security.cert.CertificateException: X.509 algorithm is not supported, Only EC algorithm is supported at org.eclipse.leshan.core.util.SecurityUtil$3.decode(SecurityUtil.java:61) at org.eclipse.leshan.core.util.SecurityUtil$3.decode(SecurityUtil.java:53) at org.eclipse.leshan.core.credentials.CredentialsReader.decode(CredentialsReader.java:58) at org.eclipse.leshan.core.credentials.CredentialsReader.readFromFile(CredentialsReader.java:38) at org.eclipse.leshan.client.demo.LeshanClientDemo.main(LeshanClientDemo.java:407) usage: java -jar leshan-client-demo.jar [OPTION]
I also read https://docs.emqx.io/broker/v3/en/protocol.html
I can see here at EMQX-LWM2M plugin Configurations, that the port is mentioned 5683, however in the table below it is 5783. Can you clarify which port should be written in emqx_lwm2m.conf?
Can you clarify which port should be written in emqx_lwm2m.conf?
okay, we will update it later.
Unable to load X509 files : X.509 algorithm is not supported, Only EC algorithm is supported
It seems you should make a new pair of certificate for LwM2M DTLS and leshan demo
您好, 我正在尝试使用DTLS连接乐山客户端演示到emqx。我正在按照 x509 部分的步骤进行操作: https : //github.com/eclipse/leshan/wiki/Credential-files-format 为了启动 leshan 客户端演示,我必须通过
ccert, cprik, scert. 我只生成 ccert 和 cprik,我不确定从哪里获取 scert .der 文件。我在 emqx/etc/certs 文件 cacert.pem 中找到了 cacert.pem,我尝试使用以下命令将其转换为 .der:openssl x509 -outform der -in cacert.pem -out serverCert.der但是,如果我将此 serverCert.der 文件传递给乐山客户端演示,则会出现错误:
java -jar leshan-client-demo.jar -n hitx -u 192.168.1.100:5683 -ccert crtx509/self_signed_cert.der -cprik crtx509/cprik.der -scert crtx509_emq/serverCert.der
Unable to load X509 files : X.509 algorithm is not supported, Only EC algorithm is supported java.security.cert.CertificateException: X.509 algorithm is not supported, Only EC algorithm is supported at org.eclipse.leshan.core.util.SecurityUtil$3.decode(SecurityUtil.java:61) at org.eclipse.leshan.core.util.SecurityUtil$3.decode(SecurityUtil.java:53) at org.eclipse.leshan.core.credentials.CredentialsReader.decode(CredentialsReader.java:58) at org.eclipse.leshan.core.credentials.CredentialsReader.readFromFile(CredentialsReader.java:38) at org.eclipse.leshan.client.demo.LeshanClientDemo.main(LeshanClientDemo.java:407) usage: java -jar leshan-client-demo.jar [OPTION]我还阅读了https://docs.emqx.io/broker/v3/en/protocol.html 我可以在 EMQX-LWM2M 插件配置中看到这里提到的端口是 5683,但在下表中它是 5783。可以emqx_lwm2m.conf 中应该写哪个端口?
Excuse me,Have you solved the problem now?I have the same problem,Can you share the solution?
您好, 我正在尝试使用DTLS连接乐山客户端演示到emqx。我正在按照 x509 部分的步骤进行操作: https : //github.com/eclipse/leshan/wiki/Credential-files-format 为了启动 leshan 客户端演示,我必须通过
ccert, cprik, scert. 我只生成 ccert 和 cprik,我不确定从哪里获取 scert .der 文件。我在 emqx/etc/certs 文件 cacert.pem 中找到了 cacert.pem,我尝试使用以下命令将其转换为 .der:openssl x509 -outform der -in cacert.pem -out serverCert.der但是,如果我将此 serverCert.der 文件传递给乐山客户端演示,则会出现错误:
java -jar leshan-client-demo.jar -n hitx -u 192.168.1.100:5683 -ccert crtx509/self_signed_cert.der -cprik crtx509/cprik.der -scert crtx509_emq/serverCert.der
Unable to load X509 files : X.509 algorithm is not supported, Only EC algorithm is supported java.security.cert.CertificateException: X.509 algorithm is not supported, Only EC algorithm is supported at org.eclipse.leshan.core.util.SecurityUtil$3.decode(SecurityUtil.java:61) at org.eclipse.leshan.core.util.SecurityUtil$3.decode(SecurityUtil.java:53) at org.eclipse.leshan.core.credentials.CredentialsReader.decode(CredentialsReader.java:58) at org.eclipse.leshan.core.credentials.CredentialsReader.readFromFile(CredentialsReader.java:38) at org.eclipse.leshan.client.demo.LeshanClientDemo.main(LeshanClientDemo.java:407) usage: java -jar leshan-client-demo.jar [OPTION]
我还阅读了https://docs.emqx.io/broker/v3/en/protocol.html 我可以在 EMQX-LWM2M 插件配置中看到这里提到的端口是 5683,但在下表中它是 5783。可以emqx_lwm2m.conf 中应该写哪个端口?Excuse me,Have you solved the problem now?I have the same problem,Can you share the solution?
Have you solved the problem yet? I have the same problem