azure_iot_hub sample without TFM in SDK v2.6.x

In the transition from SDK v2.5.x to v2.6.x, Nordic removed support for boards that don't have the nonsecure (_ns) configuration in the Azure IOT hub sample. In other words. the sample now only supports TFM builds. I would like to use the sample for a build without TFM.

I tried using the nrf7002dk_nrf5340_cpuapp.conf and nrf7002dk_nrf5340_cpuapp.overlay from SDK 2.5.3. The sample builds, runs, and is able to connect to wifi. However, I get a -22 error back when it tries to sync data to the Azure server. Looking through the code it appears that the I am not able to certificates that are loaded through the mqtt_helper module. Stepping through the code, it appears that the certificates are loaded so perhaps they are not available through the security tags.

Could you advise how to get the azure_iot_hub sample working for board nrf7002dk_nrf5340_cpuapp SDK 2.6.x?

Top Replies

Rocky 1 month ago in reply to Sigurd Hellesvik +1 verified

Thanks. This helped me get it working. I stepped through the credentials code and found it was working fine. The error was during the TLS connect. Then, I looked at the other ticket you referenced and…

Parents

0 Rocky 1 month ago

Hi,

I tried the experiment you suggested. Here is what I did.

Set up example using SDK v2.6.1 and board nrf7002dk_nrf5340_cpuapp_ns. I then confirmed it worked. The output is as follows:

[00:00:38.746,185] <inf> azure_iot_hub_sample: Connected to network
[00:00:38.747,680] <inf> azure_fota: Current firmware version: 0.0.0-dev
[00:00:38.747,680] <inf> azure_iot_hub_sample: Azure IoT Hub library initialized
[00:00:38.747,711] <inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_CONNECTING
[00:00:51.357,635] <inf> azure_iot_hub_sample: Connection request sent to IoT Hub
[00:00:51.740,295] <inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_CONNECTED
[00:00:51.787,200] <inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_READY
[00:00:51.787,933] <inf> azure_iot_hub_sample: Sending event:{"temperature":25.7,"timestamp":51787}
[00:00:51.788,757] <inf> azure_iot_hub_sample: Event was successfully sent

Copied the board files and renamed them to remove the _ns prefix. I then removed the TFM options. Lastly, I created a new build configuration for board nrf7002dk_nrf5340_cpuapp. The project builds and runs, but errors during the sync with the following output:

[00:00:10.950,286] <inf> azure_iot_hub_sample: Connected to network
[00:00:10.951,751] <inf> azure_fota: Current firmware version: 0.0.0-dev
[00:00:10.951,751] <inf> azure_iot_hub_sample: Azure IoT Hub library initialized
[00:00:10.951,782] <inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_CONNECTING
[00:00:11.518,920] <err> mqtt_helper: mqtt_connect, error: -22
[00:00:11.518,920] <err> azure_iot_hub: mqtt_helper_connect failed, error: -22
[00:00:11.518,920] <err> azure_iot_hub_sample: azure_iot_hub_connect failed: -22

I also used the debugger to try to narrow down where the -22 error is coming from. It is failing in the function tls_mbedtls_set_credentials(). It appears that the credentials cannot be read from the tags when TFM is not enabled.

Reply

0 Rocky 1 month ago

Hi,

I tried the experiment you suggested. Here is what I did.

Set up example using SDK v2.6.1 and board nrf7002dk_nrf5340_cpuapp_ns. I then confirmed it worked. The output is as follows:

[00:00:38.746,185] <inf> azure_iot_hub_sample: Connected to network
[00:00:38.747,680] <inf> azure_fota: Current firmware version: 0.0.0-dev
[00:00:38.747,680] <inf> azure_iot_hub_sample: Azure IoT Hub library initialized
[00:00:38.747,711] <inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_CONNECTING
[00:00:51.357,635] <inf> azure_iot_hub_sample: Connection request sent to IoT Hub
[00:00:51.740,295] <inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_CONNECTED
[00:00:51.787,200] <inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_READY
[00:00:51.787,933] <inf> azure_iot_hub_sample: Sending event:{"temperature":25.7,"timestamp":51787}
[00:00:51.788,757] <inf> azure_iot_hub_sample: Event was successfully sent

[00:00:10.950,286] <inf> azure_iot_hub_sample: Connected to network
[00:00:10.951,751] <inf> azure_fota: Current firmware version: 0.0.0-dev
[00:00:10.951,751] <inf> azure_iot_hub_sample: Azure IoT Hub library initialized
[00:00:10.951,782] <inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_CONNECTING
[00:00:11.518,920] <err> mqtt_helper: mqtt_connect, error: -22
[00:00:11.518,920] <err> azure_iot_hub: mqtt_helper_connect failed, error: -22
[00:00:11.518,920] <err> azure_iot_hub_sample: azure_iot_hub_connect failed: -22

Children

0 Sigurd Hellesvik 1 month ago in reply to Rocky
Rocky said:
tls_mbedtls_set_credentials

Can you debug the code, and step into this?
We are looking for the following:

Which line exactly returns the error number?

What are all the variables passed to tls_mbedtls_set_credentials()?

What variable casuses it to return an error? What is the value of that variable?

If a sub-function inside tls_mbedtls_set_credentials() is what failed, do the analysis on that sub-function instead
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Sigurd Hellesvik 1 month ago in reply to Sigurd Hellesvik

Here is a similar ticket which could maybe help you some

RE: Example code for HTTPS client using WiFi nRF7002 + nRF5340
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
+1 Rocky 1 month ago in reply to Sigurd Hellesvik
Thanks. This helped me get it working. I stepped through the credentials code and found it was working fine. The error was during the TLS connect. Then, I looked at the other ticket you referenced and updated the config variables to get it working.

These key config parameters were missing.

CONFIG_PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY=y CONFIG_PSA_WANT_RSA_KEY_SIZE_1024=y
Cancel
Vote Up +1 Vote Down

Sign in to reply

Reject Answer

Cancel