Tagged: , , ,

This topic has 2 replies, 3 voices, and was last updated 1 month, 1 week ago by tuvarambre. This post has been viewed 425 times

  • Author
    Posts
  • #842
     hakondahle
    Participant

    Hi, after getting the Arduino MKR NB 1500 CoAP stuff working (which means that my hardware is OK and that basic communication over LTE to Telenor MIC works), I am struggling a bit with the MQTT tutorial:

    1. I updated the MICCertificates header file according to the tutorial
    2. However after successfully compiling and uploading the Sketch to the MKR NB 1500 board, I get an error:

    15:06:00.657 -> OK
    15:06:00.891 -> AT+USOSEC=0,1,0
    15:06:00.891 -> OK
    15:06:01.060 -> AT+USECPRF=0,0,1
    15:06:01.060 -> OK
    15:06:01.307 -> AT+USOCO=0,”a3k7odshaiipe8.iot.eu-west-1.amazonaws.com”,8883
    15:06:02.012 -> ERROR
    15:06:02.212 -> AT+USOCL=0
    15:06:02.212 -> ERROR
    15:06:02.212 -> Still not connected to MQTT broker.

    3. In the logs I see that we are trying to use an Amazon root cert for connecting to AWS, but this is the output I see in between all the other root certs – the command AT+USECMNG=2,0,”AmazonRootCA1″ returns an ERROR :

    15:06:00.053 -> AT+USECMNG=0,0,”VeriSign_Class_3_Public_Primary_Certification_Authority_G5″,1239
    15:06:00.053 -> >
    15:06:00.254 -> +USECMNG: 0,0,”VeriSign_Class_3_Public_Primary_Certification_Authority_G5″,”CB17E431673EE209FE455793F30AFA1C”
    15:06:00.301 ->
    15:06:00.301 -> OK
    15:06:00.301 -> AT+USECMNG=2,0,”AmazonRootCA1″
    15:06:00.301 -> ERROR
    15:06:00.355 -> AT+USECMNG=0,0,”Starfield_Services_Root_Certificate_Authority_G2″,1011
    15:06:00.355 -> >
    15:06:00.557 -> +USECMNG: 0,0,”Starfield_Services_Root_Certificate_Authority_G2″,”173574AF7B611CEBF4F93CE2EE40F9A2″
    15:06:00.557 ->

    When querying the uBLOX SARA for certs, this is the list – there is no Amazon in there:

    15:05:57.313 -> GSMSecurity::listAllCertificates() : AT+USECMNG=3
    15:05:57.355 -> AT+USECMNG=3
    15:05:57.355 ->
    “CA”,”AddTrust_External_CA_Root”,”AddTrust External CA Root”,”2020/05/30 10:48:38″
    15:05:57.355 -> “CA”,”Baltimore_CyberTrust_Root”,”Baltimore CyberTrust Root”,”2025/05/12 23:59:00″
    15:05:57.355 -> “CA”,”COMODO_RSA_Certification_Authority”,”COMODO RSA Certification Authority”,”2038/01/18 23:59:59″
    15:05:57.401 -> “CA”,”DST_Root_CA_X3″,”DST Root CA X3″,”2021/09/30 14:01:15″
    15:05:57.401 -> “CA”,”DigiCert_High_Assurance_EV_Root_CA”,”DigiCert High Assurance EV Root CA”,”2031/11/10 00:00:00″
    15:05:57.401 -> “CA”,”Entrust_Root_Certification_Authority”,”Entrust Root Certification Authority”,”2026/11/27 20:53:42″
    15:05:57.401 -> “CA”,”Equifax_Secure_Certificate_Authority”,””,”2018/08/22 16:41:51″
    15:05:57.401 -> “CA”,”GeoTrust_Global_CA”,”GeoTrust Global CA”,”2022/05/21 04:00:00″
    15:05:57.401 -> “CA”,”GeoTrust_Primary_Certification_Authority_G3″,”GeoTrust Primary Certification Authority – G3″,”2037/12/01 23:59:59″
    15:05:57.440 -> “CA”,”GlobalSign”,”GlobalSign”,”2021/12/15 08:00:00″
    15:05:57.440 -> “CA”,”Go_Daddy_Root_Certificate_Authority_G2″,”Go Daddy Root Certificate Authority – G2″,”2037/12/31 23:59:59″
    15:05:57.440 -> “CA”,”VeriSign_Class_3_Public_Primary_Certification_Authority_G5″,”VeriSign Class 3 Public Primary Certification Authority – G5″,”2036/07/16 23:59:59″
    15:05:57.440 -> “CA”,”Starfield_Services_Root_Certificate_Authority_G2″,”Starfield Services Root Certificate Authority – G2″,”2037/12/31 23:59:59″
    15:05:57.487 -> “CA”,”MIC_ROOT_CERT”,”VeriSign Class 3 Public Primary Certification Authority – G5″,”2036/07/16 23:59:59″
    15:05:57.487 -> “CC”,”MIC_CLIENT_CERTIFICATE”,”AWS IoT Certificate”,”2049/12/31 23:59:59″
    15:05:57.487 -> “PK”,”MIC_SECRET_PRIVKEY”
    15:05:57.487 ->

    Any tips on what to look for?

    Thanks!

    -håkon

    • This topic was modified 6 months, 1 week ago by hakondahle.
    • This topic was modified 6 months, 1 week ago by hakondahle. Reason: spelling
    #866
     deepakpalaksha
    Participant

    I would appreciate it if somebody could guide us here, I experience a similar problem with this.

    #1042
     tuvarambre
    Keymaster

    Hi hakondale,

    I am sorry this hasn’t been answered sooner. We have had little capacity to update our tutorials lately, so thank you very much for your feedback.
    First of all, I can see that the hostname is wrong, it should be a15nxxwvsld4o-ats.iot.eu-west-1.amazonaws.com. (I will change this in the code example as well.)
    Second, the AWS root certificate that you are looking for should be the listed MIC_ROOT_CERT.

    Hopefully with the change of host it will work seamlessly. Once again sorry for the late reply and thank you for the feedback.

    \Tuva

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

© 2020 Telenor Start IoT
 

Log in with your credentials

Forgot your details?