AWSIoT Android SDK не может сгенерировать новый сертификат + ключ
Я довольно новичок в программировании на Android, поэтому любые рекомендации очень ценятся. Я пытаюсь сгенерировать ключ + сертификат для подключения к серверу IoT AWS. Не удается сказать, что определенный URL в домене Amazon не имеет доменного имени -> адресное разрешение. Сообщение в журнале Android:
I/Adreno-EGL: <qeglDrvAPI_eglInitialize:410>: EGL 1.4 QUALCOMM build: AU_LINUX_ANDROID_LA.BF.1.1.1_RB1. ()
OpenGL ES Shader Compiler Version: E031.25.03.00
Build Date: 01/21/15 Wed
Local Branch: mybranch7061829
Remote Branch: quic/LA.BF.1.1.1_rb1.7
Local Patches: NONE
Reconstruct Branch: AU_LINUX_ANDROID_LA.BF.1.1.1_RB1. + NOTHING
I/OpenGLRenderer: Initialized EGL, version 1.4
D/OpenGLRenderer: Enabling debug mode 0
D/Atlas: Validating map...
D/libc-netbsd: [getaddrinfo]: hostname=xxxxx; servname=(null); cache_mode=(null), netid=0; mark=0
D/libc-netbsd: [getaddrinfo]: ai_addrlen=0; ai_canonname=xxxxx; ai_flags=4; ai_family=0
D/libc-netbsd: [getaddrinfo]: hostname=xxxxx; servname=(null); cache_mode=(null), netid=0; mark=0
D/libc-netbsd: [getaddrinfo]: ai_addrlen=0; ai_canonname=xxxxx; ai_flags=1024; ai_family=0
D/libc-netbsd: [getaddrinfo]: hostname=xxxxx; servname=(null); cache_mode=(null), netid=0; mark=0
D/libc-netbsd: [getaddrinfo]: ai_addrlen=0; ai_canonname=xxxxx; ai_flags=4; ai_family=0
I/art: Thread[1,tid=14654,WaitingForJniOnLoad,Thread*=0xb4827800,peer=0x75c35b48,"main"] recursive attempt to load library "/system/lib/"
E/MediaProfilesEx-JNI: register_com_lge_media_MediaProfilesEx
E/MediaRecorderEx-JNI: register_com_lge_media_MediaRecorderEx
D/AudioSystemEx: register_com_lge_media_LGAudioSystem
E/SurfaceControlEx: register_com_lge_view_SurfaceControlEx
I/art: Thread[1,tid=14654,WaitingForJniOnLoad,Thread*=0xb4827800,peer=0x75c35b48,"main"] recursive attempt to load library "/system/lib/"
D/LGMtpDatabaseJNI: register_android_mtp_LGMtpDatabase
I/art: Thread[1,tid=14654,WaitingForJniOnLoad,Thread*=0xb4827800,peer=0x75c35b48,"main"] recursive attempt to load library "/system/lib/"
D/LGMtpServerJNI: register_android_mtp_LGMtpServer
I/art: Thread[1,tid=14654,WaitingForJniOnLoad,Thread*=0xb4827800,peer=0x75c35b48,"main"] recursive attempt to load library "/system/lib/"
E/MediaPlayerEx-jni: register_com_lge_view_MediaPlayerEx
I/art: Thread[1,tid=14654,WaitingForJniOnLoad,Thread*=0xb4827800,peer=0x75c35b48,"main"] recursive attempt to load library "/system/lib/"
[ 12-29 22:00:44.433 14654:14654 D/ ]
D/libc-netbsd: [getaddrinfo]: hostname=xxxxx; servname=(null); cache_mode=(null), netid=0; mark=0
D/libc-netbsd: [getaddrinfo]: ai_addrlen=0; ai_canonname=xxxxx; ai_flags=4; ai_family=0
D/libc-netbsd: [getaddrinfo]: hostname=xxxxx; servname=(null); cache_mode=(null), netid=0; mark=0
D/libc-netbsd: [getaddrinfo]: ai_addrlen=0; ai_canonname=xxxxx; ai_flags=4; ai_family=0
W/System.err: com.amazonaws.AmazonClientException: Unable to execute HTTP request: Unable to resolve host "": No address associated with hostname
W/System.err: at com.amazonaws.http.AmazonHttpClient.executeHelper(
W/System.err: at com.amazonaws.http.AmazonHttpClient.execute(
W/System.err: at
W/System.err: at
W/System.err: at com.home.tukai.awsiottryout01.MainActivity$
W/System.err: at
W/System.err: Caused by: Unable to resolve host "": No address associated with hostname
W/System.err: at
W/System.err: at
W/System.err: at
W/System.err: at$1.getAllByName(
W/System.err: at
W/System.err: at
W/System.err: at
W/System.err: at
W/System.err: at
W/System.err: at
W/System.err: at
W/System.err: at
W/System.err: at
W/System.err: at com.amazonaws.http.UrlHttpClient.writeContentToConnection(
W/System.err: at com.amazonaws.http.UrlHttpClient.execute(
W/System.err: at com.amazonaws.http.AmazonHttpClient.executeHelper(
W/System.err: ... 5 more
E/AWS: Exception occurred when generating new private key and certificate.
W/IInputConnectionWrapper: showStatusIcon on inactive InputConnection
Теперь, что интересно, если я загружаю KeyStore в телефон в расположение пакета приложения, то он работает нормально. (KeyStore==null) тогда не проверяется. Хранилище ключей здесь создается из загруженных сертификатов из моей учетной записи AWS, связанной с этим ВЕЩЕМ. Мой вопрос: я делаю что-то здесь не так? Если нет, то что я пропускаю?
Я пытаюсь перейти по этой ссылке для создания моей программы:
Соответствующий раздел моей программы:
private static final String CUSTOMER_SPECIFIC_ENDPOINT = "";
// Cognito pool ID. For this app, pool needs to be unauthenticated pool with
// AWS IoT permissions.
private static final String COGNITO_POOL_ID = "eu-central-1:36b201e2-d55e-4601-9430-031fc7990291";
// Name of the AWS IoT policy to attach to a newly created certificate
private static final String AWS_IOT_POLICY_NAME = "all-iot";
// Region of AWS IoT
private static final Regions MY_REGION = Regions.EU_CENTRAL_1;
// Filename of KeyStore file on the filesystem
private static final String KEYSTORE_NAME = "KeyStoreAlfred01.bks";
// Password for the private key in the KeyStore
private static final String KEYSTORE_PASSWORD = "<THIS I FILLED IN CORRECTLY>";
// Certificate and key aliases in the KeyStore
private static final String CERTIFICATE_ID = "keystorealfred01";
AWSIotClient mIotAndroidClient;
AWSIotMqttManager mqttManager;
String clientId;
String keystorePath;
String keystoreName;
String keystorePassword;
KeyStore clientKeyStore = null;
String certificateId;
CognitoCachingCredentialsProvider credentialsProvider;
protected void onCreate(Bundle savedInstanceState) {
Toolbar toolbar = (Toolbar) findViewById(;
btnGenNumber = (Button) findViewById(;
btnConnect = (Button) findViewById(;
btnYoutubeSearch = (Button) findViewById(;
btnGenNumber.setOnClickListener(new View.OnClickListener() {
public void onClick(View view) {
Random r = new Random();
int num = r.nextInt(51);
try {
mqttManager.publishString(Integer.toString(num), "test", AWSIotMqttQos.QOS0);
Toast.makeText(getApplicationContext(), "Published number " + Integer.toString(num), Toast.LENGTH_LONG).show();
Log.i(LOG_TAG, "Publish done");
} catch (Exception e) {
Log.e(LOG_TAG, "Publish error.", e);
Log.i(LOG_TAG, "Button generated a new number" + num);
btnYoutubeSearch.setOnClickListener(new View.OnClickListener() {
public void onClick(View view) {
Intent intent = new Intent(Intent.ACTION_SEARCH);
intent.putExtra("query", "Android");
// Initialize the AWS Cognito credentials provider
credentialsProvider = new CognitoCachingCredentialsProvider(
getApplicationContext(), // context
COGNITO_POOL_ID, // Identity Pool ID
MY_REGION // Region
Log.i(LOG_TAG, "Credentials provider output " + credentialsProvider.toString());
Region region = Region.getRegion(MY_REGION);
mIotAndroidClient = new AWSIotClient(credentialsProvider);
//keystorePath = "/mnt/sdcard/awsIOTtryout01";
keystorePath = getFilesDir().getPath();
keystoreName = KEYSTORE_NAME;
keystorePassword = KEYSTORE_PASSWORD;
certificateId = CERTIFICATE_ID;
Log.i(LOG_TAG, "Begin certificate load");
// To load cert/key from keystore on filesystem
try {
if (AWSIotKeystoreHelper.isKeystorePresent(keystorePath, keystoreName)) {
if (AWSIotKeystoreHelper.keystoreContainsAlias(certificateId, keystorePath,
keystoreName, keystorePassword)) {
Log.i(LOG_TAG, "Certificate " + certificateId
+ " found in keystore - using for MQTT.");
// load keystore from file into memory to pass on connection
clientKeyStore = AWSIotKeystoreHelper.getIotKeystore(certificateId,
keystorePath, keystoreName, keystorePassword);
Log.i(LOG_TAG, "Certificate loading complete");
} else {
Log.i(LOG_TAG, "Key/cert " + certificateId + " not found in keystore.");
} else {
Log.i(LOG_TAG, "Keystore " + keystorePath + "/" + keystoreName + " not found.");
} catch (Exception e) {
Log.e(LOG_TAG, "An error occurred retrieving cert/key from keystore.", e);
if (clientKeyStore == null) {
Toast.makeText(getApplicationContext(),"Cert/key was not found in keystore - creating new key and certificate.",Toast.LENGTH_SHORT).show();
Log.i(LOG_TAG, "Cert/key was not found in keystore - creating new key and certificate.");
new Thread(new Runnable() {
public void run() {
try {
// Create a new private key and certificate. This call
// creates both on the server and returns them to the
// device.
CreateKeysAndCertificateRequest createKeysAndCertificateRequest =
new CreateKeysAndCertificateRequest();
Log.i(LOG_TAG,"keys + cert generation : "+createKeysAndCertificateRequest.toString());
final CreateKeysAndCertificateResult createKeysAndCertificateResult;
createKeysAndCertificateResult =mIotAndroidClient.createKeysAndCertificate(createKeysAndCertificateRequest);
//Log.i(LOG_TAG,"Cert ID: New certificate generation done.");
//Toast.makeText(getApplicationContext(),"New certificate created", Toast.LENGTH_SHORT).show();
// store in keystore for use in MQTT client
// saved as alias "default" so a new certificate isn't
// generated each run of this application
keystorePath, keystoreName, keystorePassword);
// load keystore from file into memory to pass on connection
clientKeyStore = AWSIotKeystoreHelper.getIotKeystore(certificateId,
keystorePath, keystoreName, keystorePassword);
// Attach a policy to the newly created certificate
// This flow assumes the policy was already created in
// AWS IoT and we are now just attaching it to the
// certificate.
AttachPrincipalPolicyRequest policyAttachRequest =
new AttachPrincipalPolicyRequest();
} catch (Exception e) {
// Toast.makeText(getApplicationContext(),"Exception occured when generating new key+cert",Toast.LENGTH_SHORT).show();
Log.e(LOG_TAG,"Exception occurred when generating new private key and certificate.",e);
Я использую ANdroid Studio 2.2.2, используя Min API: 9 для проекта. Любая помощь высоко ценится!
Обновление: если файл KeyStore (с сертификатами) присутствует в памяти телефона этого пакета, журналы Android выглядят следующим образом:
/CognitoCachingCredentia`enter code here`lsProvider: Loading credentials from SharedPreferences
I/AWS: Credentials provider output com.amazonaws.auth.CognitoCachingCredentialsProvider@2d7ae714
I/AmazonWebServiceClient: {execute-api, eu-central-1} was not found in region metadata, trying to construct an endpoint using the standard pattern for this region: ''.
I/AWS: Begin certificate load
I/AWS: Certificate keystorealfred01 found in keystore - using for MQTT.
I/AWS: Certificate loading complete
D/OpenGLRenderer: Render dirty regions requested: true
I/Adreno-EGL: <qeglDrvAPI_eglInitialize:410>: EGL 1.4 QUALCOMM build: AU_LINUX_ANDROID_LA.BF.1.1.1_RB1. ()
OpenGL ES Shader Compiler Version: E031.25.03.00
Build Date: 01/21/15 Wed
Local Branch: mybranch7061829
Remote Branch: quic/LA.BF.1.1.1_rb1.7
Local Patches: NONE
Reconstruct Branch: AU_LINUX_ANDROID_LA.BF.1.1.1_RB1. + NOTHING
I/OpenGLRenderer: Initialized EGL, version 1.4
D/OpenGLRenderer: Enabling debug mode 0
D/Atlas: Validating map...
W/IInputConnectionWrapper: showStatusIcon on inactive InputConnection
I/Timeline: Timeline: Activity_idle id: android.os.BinderProxy@25603903 time:661926148
2 ответа
Я вижу следующую строку в ваших журналах исключений:
Unable to resolve host ""
Это говорит мне о том, что вы не достигли нужной конечной точки для Интернета вещей.
Для вызова CreateKeyAndCertificates в eu-central-1 вам нужно нажать
Вы можете попробовать установить эту конечную точку, используя:
Спасибо Ашутош
Пожалуйста, попробуйте добавить следующую строку:
mIotAndroidClient.setEndpoint ("");
После этой строки: mIotAndroidClient.setRegion(region);