nRF9160 issue in receiving TLS packets larger than 2048 bytes during AWS_IOT device registration

When implementing AWS_IOT provisioning by claim process, AWS_IOT responds to the published topic $aws/certificates/create/json with a 3580 byte response. This causes TLS to disconnect the connection. I've found some topics on this problem, is there a solution that Nordic has published for this problem?

Regards,

Bob

Parents

0 Michal 1 month ago

Hello Bob,

I will look more into it and get back to you.

Best regards,

Michal
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Michal 1 month ago in reply to Michal

To my knowledge, the modem can handle packets up to 2048 kB. Is there for example a way to get a smaller certificate from AWS IoT?

Best regards,

Michal
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 bobsengjr 1 month ago in reply to Michal

Michal:
Using the AWS standard certificate generation and product provisioning, AWS sends back in a single message the device certificate, private key, certificateID, and certificateOwnershipToken as a response to publishing $aws/certificates/create/json (over 3500 bytes). There is no way to modify the handling of topics starting with $aws.

There may be a way around this as mentioned in another post by publishing a custom topic and handling it in with some code running in Lambda. (Can Nordic supply this as an example?)

Of course the other option is loading every device in manufacturing with it's own private key and cert for AWS.

Since this is a common problem with any device JIT registration with AWS I was hoping that Nordic had a solution.

Regards,

Bob
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 bobsengjr 1 month ago in reply to Michal

Michal:
Using the AWS standard certificate generation and product provisioning, AWS sends back in a single message the device certificate, private key, certificateID, and certificateOwnershipToken as a response to publishing $aws/certificates/create/json (over 3500 bytes). There is no way to modify the handling of topics starting with $aws.

There may be a way around this as mentioned in another post by publishing a custom topic and handling it in with some code running in Lambda. (Can Nordic supply this as an example?)

Of course the other option is loading every device in manufacturing with it's own private key and cert for AWS.

Since this is a common problem with any device JIT registration with AWS I was hoping that Nordic had a solution.

Regards,

Bob
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

0 Michal 1 month ago in reply to bobsengjr

Hello Bob,

I have forwarded all this information to the developers and I will let you know if we have any solutions.

Please let me know your NCS and Modem FW versions as well.

Best regards,

Michal
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Michal 1 month ago in reply to Michal

Hello again,

Just found out that we do have a workaround.

Please take a look at this:

https://github.com/NordicPlayground/aws-iot-core-fleet-provisioning-with-nrf9160

Best regards,

Michal
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 bobsengjr 1 month ago in reply to Michal

Super, I'll test it out.

Thanks,

Bob
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel