If you need DTLS support, the aiocoap library needs to be installed from source.
git clone https://github.com/chrysn/aiocoap
cd aiocoap
pip3 install --upgrade ".[tinydtls]"
A reference CoAP server could be setup with the following commands:
git clone https://github.com/obgm/libcoap.git --recursive
cd libcoap
./autogen.sh
./configure --with-tinydtls --disable-shared --disable-documentation
make
./examples/coap-server -k secretPSK
Generate a certificate authority certificate and key.
openssl req -new -x509 -days <duration> -extensions v3_ca -keyout ca.key -out ca.crt
Generate a server key.
openssl genrsa -des3 -out server.key 2048
openssl req -out server.csr -key server.key -new
NOTE: When prompted for the CN (Common Name), please enter either your server (or broker) hostname or domain name.
Send the CSR to the CA, or sign it with your CA key:
penssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days <duration>
Generate a client key.
openssl genrsa -des3 -out client.key 2048
openssl req -out client.csr -key client.key -new
NOTE: When prompted for the CN (Common Name), the entered name will potentially be the user identity. Please check your IoT platform for the user identity format.
Send the CSR to the CA, or sign it with your CA key:
openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt -days <duration>
A reference MQTT server could be setup with the mosquitto
After installation, run the following commands. The sample configuration file is provided in this repository here
mosquitto -c ./mosquitto.conf -v
You can also run a sample subscriber with
mosquitto_sub --cafile ./certs/ca.crt --cert ./certs/client.crt --key ./certs/client.key -d -h localhost -p 8883 -t 'test/topic' -v
or a sample publisher with
mosquitto_pub --cafile ./certs/ca.crt --cert ./certs/client.crt --key ./certs/client.key -d -h localhost -p 8883 -t 'test/topic' -m "hello"