mirrors
/
Tasmota
mirror of https://github.com/arendst/Tasmota.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated AWS IoT (markdown)

s-hadinger 2019-08-06 11:23:44 +02:00
parent e4b1310c41
commit f30f46718d
1 changed files with 22 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
AWS-IoT.md

@ -202,7 +202,7 @@ If you need to reset the key store, use the command `TLSKey 0`.
We will extract the 32 bytes Private key from `tasmota-01.key` generated above.
Simple method, use the following command: (fake key below)
1-line method, use the following command: (fake key below)
`openssl ec -in tasmota-01.key -inform PEM -outform DER | openssl asn1parse -inform DER | head -3 | tail -1 | awk -F':' '{ print $4 }' | xxd -r -p | base64 | echo "TLSKey1 $(</dev/stdin)"`
@ -222,12 +222,16 @@ hh:mm:ss CMD: TLSKey1 UvBgyCuPr/lKSgwumf/8o/mIsKQPBHn3ZZAGZl4ui9E=
hh:mm:ss MQT: stat/sonoff/RESULT = {"TLSKey1":32,"TLSKey2":-1}
```
If it does not work, use the following:
Alternative method:
Convert the Private Key file from `PEM` to `DER` (binary format):
`openssl ec -in tasmota-01.key -inform PEM -outform DER -out tasmota-01.key.der`
Dump the `ASN.1` format from the `DER` file:
```
openssl ec -in tasmota-01.key -inform PEM -outform DER | openssl asn1parse -inform DER
read EC key
writing EC key
openssl asn1parse -inform DER -in tasmota-01.key.der
0:d=0 hl=2 l= 119 cons: SEQUENCE
2:d=1 hl=2 l= 1 prim: INTEGER :01
5:d=1 hl=2 l= 32 prim: OCTET STRING [HEX DUMP]:52F060C82B8FAFF94A4A0C2E99FFFCA3F988B0A40F0479F7659006665E2E8BD1
@ -243,7 +247,7 @@ Then convert the byte stream after `[HEX DUMP]` to base64 and use it with the `T
Similarly you will need to convert the file "**tasmota-01.cert.pem**" generated above to a Tasmota command.
Simple version, use the following command:
1-line version, use the following command:
`openssl x509 -in tasmota-01.cert.pem -inform PEM -outform DER | base64 | echo "TLSKey2 $(</dev/stdin)"`
@ -263,6 +267,18 @@ hh:mm:ss MQT: stat/sonoff/IR2/RESULT = {"TLSKey1":32,"TLSKey2":641}
You need to check that both values are not "-1". The value for "TLSKey1" should always be 32. The value for "TLSKey2" varies depending on several parameters, and should be within the 640-700 bytes range.
Alternative version:
Convert your certificate from `PEM` to `DER` (binary) format:
`openssl x509 -in tasmota-01.cert.pem -inform PEM -outform DER -out tasmota-01.cert.der`
Then convert the Certificate to plain base64 in a single line (use `-A` flag):
`openssl base64 -e -in tasmota-01.cert.der -A -out tasmota-01.cert.b64`
Then use the command `TSLKey2 <base64>` and replace `<base64>` with the content of `tasmota-01.cert.b64`.
### Step 9. Configure Tasmota device
This is the last step, you need to configure the MQTT parameters. The easiest way is through the web console.