Raspberry PI OS (Buster) EMS - SSL handshake error / Verify Failed / twWs_Connect: Error restarting

Question

Hello,
 
I am currently running EMS version MED-61060-CD-054_SP9_Microserver-Linux-arm-hwfpu-openssl-5-4-9-1154 on Raspberry PI OS (Linux ems01 4.19.118+ #1311 Mon Apr 27 14:16:15 BST 2020 armv6l GNU/Linux) and am trying to connect to the 30 day hosted trial of TW.
 
I am using this guide "Setup a Raspberry Pi as an IoT Device".  This guide specifies to use Buster and version SP5 of the ems, which I have also tried.  I have worked through several of these guides and many of the solutions offered on this forum but still cannot get the Linux RPI version to work.  I have been able to get the Windows version of the EMS to connect to my online instance of TW.
 
As it stands, I am now getting the following error:
 
TW_NEW_SSL_CLIENT: SSL handshake error. Error: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed.
 
SDK: twWs_Connect: Error restarting socket. Error 0
 
If I follow the suggestion to set encryption to:
 
"ws_connection": {"encryption": "none"
 
I get:
 
[TRACE] 2020-06-15 19:01:53,984 SDK: twWs_Connect: Got Response from Server:
HTTP/1.1 400Content-Type: text/plain;charset=ISO-8859-1Connection: close
Bad RequestThis combination of host and port requires TLS.[ERROR] 2020-06-15 19:01:53,991 SDK: twWs_Connect: Error initializing web socket. Response code: 400
SDK: twWs_Connect: Error initializing web socket. Response code: 400
 
I have tried various combinations of raspbaerry pi OS version from "jessie, "sketch" and "buster" using each of the suggested EMS versions and continue to end up with various errors.  This is the closest I have come to getting it to work.  From the logs it appears to be connecting to the remote server.
 
Below is my config.json
{"ws_servers": [{"host": "pp-##########.devportal.ptc.io","port": 443}],"resource": "/Thingworx/WS","appkey": "##################","logger": {"level": "TRACE","publish_directory": "/home/pi/microserver/logs","publish_level": "TRACE","max_file_storage": 2000000,"auto_flush": true},"http_server": {"ssl": false,"authenticate": false},"ws_connection": {"encryption": "ssl"},"certificates": {"validate": false},"tunnel": {"buffer_size": 8192,"read_timeout": 10,"idle_timeout": 300000,"max_concurrent": 4},"file": {"buffer_size": 8192,"max_file_size": 8000000000,"virtual_dirs": [{"other": "/home/pi/microserver/other"}, {"tw": "/home/pi/microserver/tw"}, {"updates": "/home/pi/microserver/updates"}],"staging_dir": "/home/pi/microserver/staging"},"data_security": {"key_hash": "#############"}}
 
I enabled TRACE to hope to find some additional info in the logs.  I am attaching it as a file.
 
I appreciate any help you can offer.
 
Thanks,
Dave

dlolling · Accepted Answer

@jwyatt

Hello,

As a follow up, I decided to transfer the contents of the microserver directory over to my other Raspberry PI 4 (8gb version) running the latest up to date version of Raspberry PI OS (Buster) and everything worked like a champ.

So not sure what was causing the problems as I was using exactly what was called out in the guide.

But anyway, thanks for the help, glad to get it working as intended. Planning on trying an Arduino next!

Dave

jwyatt · Answer

Greetings,

You mention that you're using the Setup a Raspberry Pi as an IoT Device guide. However, we're seeing multiple differences between your config.json file and the one provided in said guide.

The guide's code for config.json is shown in this step: https://developer.thingworx.com/en/resources/guides/setup-raspberry-pi-iot-device/mlp-pi-configure-ems

For clarity, here it is in a code block:

{
 "ws_servers": [{
 "host": "YOUR_IP_ADDRESS_HERE",
 "port": 443
 }],
 "appKey": "YOUR_APP_KEY_HERE",
 "logger": {
 "level": "INFO",
 "publish_directory": "\/home\/pi\/Downloads\/microserver\/logs",
 "publish_level": "INFO",
 "max_file_storage": 2000000,
 "auto_flush": true
 },
 "http_server": {
 "ssl": false,
 "authenticate": false
 },
 "ws_connection": {
 "encryption": "ssl"
 },
 "certificates": {
 "validate": false
 },
 "tunnel": {
 "buffer_size": 8192, 
 "read_timeout": 10, 
 "idle_timeout": 300000,
 "max_concurrent": 4
 },
 "file": {
 "buffer_size": 8192, 
 "max_file_size": 8000000000, 
 "virtual_dirs": [ 
 {"other": "\/home\/pi\/Downloads\/microserver\/other"},
 {"tw": "\/home\/pi\/Downloads\/microserver\/tw"}, 
 {"updates": "\/home\/pi\/Downloads\/microserver\/updates"} 
 ],
 "staging_dir": "\/home\/pi\/Downloads\/microserver\/staging" 
 } 
}

Compared to your previously-linked code, we see the following:

You have a resource block, which isn't in the default code.
You also have a data_security block with a reference to key_hash, which also isn't present in ours.
Also, it looks like you're not escaping your pathways with a \ character, i.e. a forward slash. Without the escape character, I'm uncertain if any of your pathways will work correctly.

At this point, I would recommend trying to get the connection working by strictly following the provided DevPortal guide config.json code, and see if you can establish a basic connection.

If so, then you could go back and try to begin modifying on your own.

Thank you,

Jason

Sign up

Please use your PTC eSupport account.

Welcome to the PTC Community

Please use your PTC eSupport account.

Scanning file for viruses.

This file cannot be downloaded