M2Mqtt and Amazon AWS IoT

Few weeks ago I wrote about the new M2Mqtt feature : TLS client authentication support !

One of the M2Mqtt community friends, Nick Payne, has already used this new feature to connect to Amazon IoT platform. He wrote the following article for us to show how to use the M2Mqtt client to connect AWS IoT !

(written by Nick Payne)

I’ve been investigating the various IoT platforms that have appeared recently.  Recently, my focus has been on AWS IoT (the company where I work is a registered Consulting Partner and we spend a fair amount of time in the AWS stack).

This blog post will hopefully demonstrate how easy it is to set up AWS IoT and publish and subscribe to Things.

As always, the AWS documentation is fantastic.  https://aws.amazon.com/iot/how-it-works/

Obviously, I chose to use C# as my client and this is where I came across the M2MQTT library.  I picked MQTT as my protocol as I hadn’t come across it before and wanted to learn more about it. (http://mqtt.org/).

So, I signed into my AWS account and navigated to the IoT section.  The UI is one of AWS’s latest and is very slick.

I quickly worked out to create a Thing, a Policy and a Rule.

Here’s what I ended up with:


I had previously created my certificates and downloaded them (very important for the mutual TLS authentication! – more to follow on this).


I wanted the data that I published to end up in a DynamoDB table.

Here’s the rule that I created to do this:


To link everything together, it’s necessary to activate the certificate and attach a policy and a thing to it.


When everything is attached properly, you’ll end up with this:


The final step is to download the certificate from the above section of the UI.

It’s possible to test your setup using Mosquitto and various other test harnesses.

I wanted to get the C# code up and running.  Fortunately, the M2MQTT library had just received an upgrade (v4.3.0.0) and now supports the required TLS security.  However, there was one hurdle to jump over.  With the certificates downloaded previously, it was necessary to create a PFX version for use by the library.  This was quite easy in the end (but required a download of openssl to accomplish it – https://wiki.openssl.org/index.php/Binaries).

The relevant commands are here in this gist: https://gist.github.com/adrenalinehit/b33994a4d430b26747ac#file-converting-to-pfx-using-openssl

I decided to write two small console applications to demonstrate the library in use with AWS IoT.  Note the use of the X509Certificate2 and the password.

The publisher is here:


…and the subscriber is here:


My test applications use the AWS IoT platform vanilla MQTT features.  It doesn’t deal with updating the shadow (http://docs.aws.amazon.com/iot/latest/developerguide/iot-thing-shadows.html).  My data ends up in the DynamoDB table and there’s nothing stopping further rules being chained together.

I’m excited by the possibilities for the AWS IoT platform and what it can bring to the IoT world.  Having a great library for .NET that is being actively developed is a bonus and I’ve enjoyed working with it.

Nick Payne : About the author

I am currently Head of Development at Control F1 Ltd (www.controlf1.co.uk) – a UK software house who develop meaningful digital products and creative software solutions that make a genuine difference to businesses.  We specialise in Telematics/IoT, and enterprise cloud applications.

I’ve been in IT professionally for over 12 years, having previously flirted with a career in the Legal Industry (I hold an English LLB Law degree).  I’ve held various roles – mainly Software Development – using Java, .net along with various other languages.

I’m also at home with hardware and tinker in my spare time with the RaspberryPi and various flavours of mobile devices.

Away from my computer I’m a keen mountain biker and climber.  I also quite like a glass of red wine.

I have a firm belief that anything is possible.

Twitter: @adrenalinehit

Linkedin: https://uk.linkedin.com/in/nick-payne-5b0a231