Pradeep Singh | 3rd Mar 2017
MQTT is one of the core protocols used on AWS IoT Platform. Let’s explore how to use Paho MQTT client to send and receive messages to this platform.
1. Software Prerequisites:
Before proceeding further with this article, make sure your system meets following software requirements. I will be using a Raspberry Pi to test AWS IoT MQTT using Python and Paho in this article.
- Python 2.7+
- OpenSSL version 1.0.1+ (TLS version 1.2)
- Paho MQTT client library for Python
You can check Python version using “python -V” command –
pi@raspberrypi:~ $ python -V Python 2.7.9
To check OpenSSL version you can execute “openssl version” command –
pi@raspberrypi:~ $ openssl version OpenSSL 1.0.1t 3 May 2016
You can also check OpenSSL version from python –
pi@raspberrypi:~ $ python Python 2.7.9 (default, Mar 8 2015, 00:52:26) [GCC 4.9.2] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> import ssl >>> ssl.OPENSSL_VERSION 'OpenSSL 1.0.1t 3 May 2016' >>>
You can install Paho using pip command “pip install paho-mqtt” or “sudo pip install paho-mqtt” –
pi@raspberrypi:~ $ pip install paho-mqtt
2. AWS Account:
You must have an AWS Account to start with AWS IoT Platform. If you don’t have any, you can create one from AWS Sign in Page.
3. Create AWS IoT Thing and Download Certificates:
AWS uses X.509 certificates for MQTT Authentication. In order to connect with AWS IoT services, you should create a Certificate on AWS IoT Console and map a Thing and Policy with it.
Follow these steps to generate certificate and keys for MQTT TLS authentication –
3.1 Login to AWS IoT Console and click on the “Connect” button. It will load “Connect to AWS IoT” Page. On this page click on “Get Started” button as shown in the following screenshot –
3.2 Based on the system you are going to use, select a platform (Linux or windows). For this article, I am using Raspberry Pi and Python Paho client; so I will go ahead and select Linux and Python –
3.3 On next screen, click on “Get Started” button –
3.4 Provide a name for your AWS IoT Thing on this screen. This is not a DNS name, it could be any string. I will use “MyRaspberryPi” as Thing Name. After this click on “Next Step” button –
3.5 Download connection kit by clicking on the button as shown in the following screenshot –
3.6 Create a new folder named as “paho” (or any other name of your choice) on your system and copy downloaded zip file into it. After copying this file, unzip it. Ignore the “start.sh” file for now, I will cover it in another article.
pi@raspberrypi:~/paho $ pwd /home/pi/paho pi@raspberrypi:~/paho $ ls connect_device_package.zip pi@raspberrypi:~/paho $ unzip connect_device_package.zip Archive: connect_device_package.zip inflating: MyRaspberryPi.private.key inflating: MyRaspberryPi.public.key inflating: MyRaspberryPi.cert.pem inflating: start.sh pi@raspberrypi:~/paho $
3.7 Download Certification Authority Root Certification for AWS IoT from the following link –
To download this certificate, right-click on this link and select “Save Link As…“, and save the file with name as “root-CA.crt“.
Copy this Root Certificate File (“root-CA.crt“) in “paho” directory you created in the previous step.
pi@raspberrypi:~/paho $ pwd /home/pi/paho pi@raspberrypi:~/paho $ ls root-CA.crt root-CA.crt pi@raspberrypi:~/paho $
4. AWS IoT Custom Endpoint:
AWS IoT Custom endpoint will allow you to connect to AWS IoT Platform. This is an important property for your MQTT client as the client will use it as MQTT Broker Host Address.
You can find your Custom Endpoint on AWS IoT Console by clicking on “settings” button, as hown in following screenshot –
5. Python Code for Paho Publisher and Subscriber:
Download sample Python scripts from GitHub Repository 
and place them into the “paho” directory created earlier (step # 3.6). You will find following two files in this GitHub Repository –
mqtt_publish.py: This file will publish MQTT messages to a Topic defined as “helloTopic” (Feel free to change it).
mqtt_subscribe.py: This file will subscribe to MQTT topic “helloTopic” (If you change Topic in “mqtt_publish.py” file, then use same Topic in this file).
After downloading these files, change the following variables (in both files) according to your Certificate/Key File names and you Custom Endpoint.
MQTT_HOST = "put your Custom Endpoint here" CA_ROOT_CERT_FILE = "put AWS IoT Root Certificate File Name here" THING_CERT_FILE = "put your Thing's Certificate File Name here" THING_PRIVATE_KEY = "put your Thing's Private Key File Name here"
After setting the correct values for these variables, you can execute the python scripts from two different shell windows –
6. AWS IoT MQTT Client (Test Utility):
AWS IoT Console has a built-in MQTT Test tool that can be used to test MQTT Modules from your projects. Using this test utility, you can Subscribe or Publish to MQTT Topics.
While your “mqtt_subscribe.py” script is still executing (if not, start it again), you can subscribe to MQTT Topic used in this file (for ex: “helloTopic“) and intercept all the messages published by this script.
From IoT Console click on “Test” button to launch MQTT Test utility. Enter your MQTT Topic in the TextBox and click on “Subscribe to topic” button to start capturing messages published to this topic.
Conclusion:
This is the foundation to send and receive MQTT messages to/from AWS IoT Platform. You can tweak or enhance this code based on your project requirements to take full advantage of AWS Services.
IoT Bytes 
very nice explained
LikeLike
Hi, When I try to run the .py files, I get the following error message:
SyntaxError: invalid syntax. Any idea why?
LikeLiked by 1 person
Probably because you are using a 3x version of Python. This script was using with an older version of Python for which print statements aren’t encapsulated with parentheses.
Refer to the Github repo for 2 issues that are identified and solved that you’ll want to address as well:
https://github.com/pradeesi/AWS-IoT-with-Python-Paho/issues
LikeLiked by 2 people