My user has global roles “admins” and “tenant manager”.
When I tried to connect the device using thin-edge.io getting an error,
when I tried the following command sudo tedge connect c8y
I already uploaded the certificate in Cumulocity tenant
I just saw your other post (Error while running opcua gateway locally) where you mention that you are behind a corporate proxy…is it possible that this device is also behind the proxy? If so I suspect that the proxy is handling http/s traffic ok, but not mqtt, which is the cause of the connection error.
Can you check if the Zscaler is configured to allow traffic via the 8883 port (used by the MQTT mosquitto bridge to connect to Cumulocity IoT)? I suspect the proxy is closing down the connection.
To provide some more connection info, can you also run the following command on the device to see what certificates are being presented to a client trying to connect to the mqtt address/port of Cumulocity IoT:
openssl s_client -connect $(tedge config get c8y.url):8883
It is giving the following output when I ran the above command:
no peer certificate available
No client certificate CA names sent
SSL handshake has read 0 bytes and written 344 bytes
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
Ok this looks like that the Zscaler proxy is blocking communication when connecting to an outgoing port 8883. (I can tell that because the response does not include any of the Cumulocity SSL certificates which should be returned if the proxy was actually proxying requests)
You will have to request the Zscaler to allow TCP traffic on the outgoing port 8883 so that the MQTT connection can function.
Hi @Reuben_Miller2 I was able to fix the allow traffic through the port 8883.I am able to create a device in Cumulocity, but the measurements are not getting created when I tried
using the cli.
tedge mqtt pub ‘c8y/s/us’ ‘211,20’
The measurement isn’t being created because you are sending an invalid mqtt message. However you trying to send a measurement directly to the Cumulocity bridge and not via thin-edge.io…and I’m a bit surprised where you even got that command from…
Anyway, I would recommend you using the thin-edge.io topics instead as this is more generic and let’s the cloud specific mappers worry about the cloud specific messages. Best place to get started is to use the “Getting Started” section of the thin-edge.io docs:
Hi @Reuben_Miller2, I am getting a follwing error when I ran the following command
sudo tedge connect c8y
output of the command:
The system config file ‘/etc/tedge/system.toml’ doesn’t exist. Use ‘/bin/systemctl’ as a service manager. Detected mosquitto version < 2.0.0 Checking if systemd is available. Checking if configuration for requested bridge already exists. Validating the bridge certificates. Creating the device in Cumulocity cloud. Saving configuration for requested bridge. Restarting mosquitto service. Awaiting mosquitto to start. This may take up to 5 seconds. Enabling mosquitto service on reboots. Successfully created bridge connection! Sending packets to check connection. This may take up to 2 seconds. ERROR: Local MQTT publish has timed out. Warning: Bridge has been configured, but Cumulocity connection check failed. Checking if tedge-mapper is installed. Starting tedge-mapper-c8y service. Persisting tedge-mapper-c8y on reboot. tedge-mapper-c8y service successfully started and enabled! Local MQTT publish has timed out. The request has been sent, however, no response. Failed to get the connected tenant URL from Cumulocity. Enabling software management. Checking if tedge-agent is installed. Starting tedge-agent service. Persisting tedge-agent on reboot. tedge-agent service successfully started and enabled!
I think due to this error, the measurements are not getting created
any idea what error it might be and any solutions for it