OpenSSL hints

Environment
  • Ubuntu 16.04 LTS
  • OpenSSL 1.0.2g 1 Mar 2016
Download server certificate
### Show certificate
$ openssl s_client -connect host:port -showcerts
### Download certificate
$ echo | openssl s_client -connect host:port 2>&1 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > server.crt.pem
2-way TLS authentication test

Say, we’ve downloaded server certificate and generated your client private key and certificate. Now we want to test if everything works:

$ openssl s_client -connect hostname:port -CAfile server.crt.pem -cert client.crt.pem -key client-private.key.pem

If you private key is protected with a password you’ll be prompted to enter the password.

remove password (passphrase) from private key

You might want to remove the password from private key:

openssl rsa -in private.key.pem -out newprivate.key.pem

 

 

 

Raspberry Pi: Flower Care (aka MI Flower) sensor

Environment
  • Raspberry Pi 3 Model B
Flower Care sensor

See http://www.huahuacaocao.com/product.

Looks and feels very nice:

Be aware that there are two versions of the sensor – Chinese and  international. I saw complains on internet about chinese sensor that were bricked after software upgrade when used outside of China. It is not quite clear what exactly was bricked – mobile phone app or the sensor itself.

FIGURE out the flower care MAC Address
### Check if bluetooth service running
$ service bluetooth status
● bluetooth.service - Bluetooth service
Loaded: loaded (/lib/systemd/system/bluetooth.service; enabled)
Active: active (running) since Sun 2019-04-07 08:16:38 UTC; 5 days ago
Docs: man:bluetoothd(8)
Main PID: 1068 (bluetoothd)
Status: "Running"
CGroup: /system.slice/bluetooth.service
└─1068 /usr/lib/bluetooth/bluetoothd

### Start the service if it's not running
$ service bluetooth start

### Start bluetoothctl
$ bluetoothctl 
[NEW] Controller B8:27:EB:8A:A0:E6 raspberrypi [default]
[bluetooth]# scan on
Discovery started
[CHG] Controller B8:27:EB:xx:xx:xx Discovering: yes
[NEW] Device C4:7C:8D:xx:xx:xx0 Flower care

Python demo on Raspbery Pi

Details see on GitHub.

$ git clone https://github.com/open-homeautomation/miflora.git
$ cd miflora/
$ . ./build.sh 
$ python3 setup.py build
$ sudo python3 setup.py install
$ python3 demo.py C4:7C:8D:xx:xx:xx
Getting data from Mi Flora
FW: 2.7.0
Name: Flower care
Temperature: 18.3
Moisture: 27
Light: 105
Conductivity: 59
Battery: 100

Raspberry Pi: Running Mosquitto MQTT server

Environment
  • Raspberry Pi 3 Model B

Install and run as service

Taken from YouTube.

Installation
$ sudo apt-get update
$ sudo apt-get dist-upgrade
### Install mosquitto
$ sudo apt-get install mosquitto
### Optional - install mosquitto clients
$ sudo apt-get install mosquitto-clients

Install and run in Docker container

Based on this.

install docker
### Install Docker
$ curl -fsSL get.docker.com -o get-docker.sh
$ sudo sh get-docker.sh

### Pull Mosquitto image
$ docker pull eclipse-mosquitto
RUN with default configuration
$ docker run -it -p 1883:1883 -p 9001:9001 --restart unless-stopped eclipse-mosquitto
run with custom mosquitto configuration

Say, we want to persist Mosquitto log in local file system

  • create local mosquitto.conf (e.g. at /home/pi/mosquitto/config/mosquitto.conf location)
  • add this line to it:
log_dest /mosquitto/log/mosquitto.log

Then run the container:

$ docker run -it -p 1883:1883 -p 9001:9001 --restart unless-stopped -v /home/pi/mosquitto/config/mosquitto.conf:/mosquitto/config/mosquitto.conf -v /mosquitto/log eclipse-mosquitto

Inspect the container:

### Figure out container id
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED...
4aaf067565c9 eclipse-mosquitto "/docker-entrypoint.…" 14 minutes...

### Inspect rge container
$ docker inspect 4aaf067565c9
...
"Mounts": [
{
"Type": "bind",
"Source": "/home/pi/mosquitto/config/mosquitto.conf",
"Destination": "/mosquitto/config/mosquitto.conf",
"Mode": "",
"RW": true,
"Propagation": "rprivate"
},
{
"Type": "volume",
"Name": "7cbeec58f1dee862c14b65b1ab59b180df1ec5fc4736a0a88136a28c88e5e68c",
"Source": "/var/lib/docker/volumes/7cbeec58f1dee862c14b65b1ab59b180df1ec5fc4736a0a88136a28c88e5e68c/_data",
"Destination": "/mosquitto/log",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
},
{
"Type": "volume",
"Name": "e5f9ff21ba6a94a84347bcf6aa7203e510db1ea578da63cbe8ce256d96b44914",
"Source": "/var/lib/docker/volumes/e5f9ff21ba6a94a84347bcf6aa7203e510db1ea578da63cbe8ce256d96b44914/_data",
"Destination": "/mosquitto/data",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
}
],
...

### Check log file
$ sudo cat /var/lib/docker/volumes/7cbeec58f1dee862c14b65b1ab59b180df1ec5fc4736a0a88136a28c88e5e68c/_data/mosquitto.log
1548170247: mosquitto version 1.5.5 starting
1548170247: Config loaded from /mosquitto/config/mosquitto.conf.
1548170247: Opening ipv4 listen socket on port 1883.
1548170247: Opening ipv6 listen socket on port 1883.
...

See more on how to run mosquitto in docker container here.

Testing

### Console 1
$ mosquitto_sub -t "hellomosquitto"

### Console 2
$ mosquitto_pub -t "hellomosquitto" -m "Hello, Mosquitto!"

### Console 1 prints
Hello, Mosquitto!