• State Not Answered
  • Replies 3 replies
  • Subscribers 68 subscribers
  • Views 56 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 336139
Options

nRF9161 Cloud Auto-Provisioning / Onboarding

nrao32

Hello,

I'm trying to set up auto-provisioning and onboarding in my project as described in this sample:
https://github.com/nrfconnect/sdk-nrf/blob/066ac6f61fe19ad91d805fd788d782e245f09a2e/samples/cellular/nrf_cloud_rest_device_message/README.rst#provisioning-and-onboarding-your-device-to-nrf-cloud

From what I can see in the device logs, it looks like it was able to nab credentials from the nRF cloud:

[00:00:00.761,505] <inf> iotr: Reset reason: 0x10001
[00:00:00.927,551] <inf> iotr: Waiting for modem to acquire network time...
[00:00:09.125,366] <inf> iotr: Connected to LTE network
[00:00:09.938,842] <inf> iotr: Network time obtained
[00:00:09.939,056] <wrn> nrf_cloud_log: Unable to filter logs for module 0: nrf_cloud_rest
[00:00:09.939,117] <wrn> nrf_cloud_log: Unable to filter logs for module 1: nrf_cloud_jwt
[00:00:09.939,178] <wrn> nrf_cloud_log: Unable to filter logs for module 2: rest_client
[00:00:09.939,483] <wrn> nrf_cloud_log: Unable to filter logs for module 8: nrf_cloud_log
[00:00:09.939,544] <wrn> nrf_cloud_log: Unable to filter logs for module 9: nrf_cloud_codec
[00:00:09.939,605] <wrn> nrf_cloud_log: Unable to filter logs for module 10: nrf_cloud_codec_internal
[00:00:09.939,605] <inf> iotr: Initializing the nRF Provisioning library...
[00:00:09.940,277] <inf> nrf_cloud_log: Sent lines:0, bytes:0
[00:00:10.103,607] <inf> iotr: nRF Cloud credentials detected
[00:00:10.103,637] <inf> iotr: Sent device alert to the nRF cloud
[00:00:10.129,852] <inf> iotr: Injected time (GPS day 16385, GPS time of day 25955)
[00:00:10.137,878] <inf> iotr: Injected location for MCC <hidden>
[00:00:10.137,908] <inf> iotr: Reset reason: 0x0
[00:00:10.138,397] <inf> nrf_cloud_log: Sent lines:0, bytes:0
[00:00:10.229,919] <inf> iotr: Got device ID: <hidden>
[00:00:10.229,949] <inf> iotr: Waiting for modem to acquire network time...
[00:00:10.990,325] <inf> iotr: Provisioning started
[00:00:11.100,952] <inf> nrf_provisioning_http: Requesting commands
[00:00:11.101,409] <inf> nrf_cloud_log: Sent lines:0, bytes:0
[00:00:13.230,987] <inf> iotr: Network time obtained
[00:00:13.231,018] <inf> iotr: Initializing the nRF Provisioning library...
[00:00:13.359,161] <inf> iotr: nRF Cloud credentials detected
[00:00:15.038,940] <inf> nrf_provisioning_http: Connected
[00:00:15.039,001] <inf> nrf_provisioning_http: No more commands to process on server side
[00:00:15.039,001] <inf> iotr: Provisioning stopped
[00:00:15.039,611] <inf> nrf_cloud_log: Sent lines:0, bytes:0

However, when I go into nRF Cloud to "Add LTE device", I get an error that it hasn't been provisioned:

When I first got the device, I claimed it already (its device GUID shows up under my claimed devices section in the nRF Cloud portal with status "Ready").

However, none of my alerts are actually showing up in the Alerts section, despite the device logs showing no errors. Any ideas?

Parents
  • 0

    Hi,

    Thanks for checking with use about this issue.

    nRF9161DK deoes not support just-in-time provisioning (JITP). Please follow Cellular: nRF Cloud REST Device Message document and pay attention to HW and NCS versions.

    You nRF9161DK should be avaliable on nRF Cloud now. Please check if other basic function works or not with Cellular: nRF Cloud multi-service. Learn about Using device alerts about how alert is triggered.

    Best regards,

    Charlie

  • 0 in reply to Charlie

    I've been following along the device alerts and added in the relevant config to prj.conf. Now I get a new error:

    [00:00:13.953,491] <inf> iotr: Initializing the nRF Provisioning library...
[00:00:13.997,375] <err> nrf_cloud_codec_internal: REST error msg: Invalid JWT
[00:00:13.997,497] <err> nrf_cloud_rest: nRF Cloud REST error code: 40100
[00:00:13.997,589] <err> nrf_cloud_alert: Error sending alert via REST: -77
[00:00:13.997,619] <err> iotr: Error sending alert to cloud: -77
[00:00:14.177,886] <inf> iotr: nRF Cloud credentials detected
[00:00:14.794,708] <err> nrf_cloud_codec_internal: REST error msg: Invalid JWT
[00:00:14.794,799] <err> nrf_cloud_rest: nRF Cloud REST error code: 40100
[00:00:14.794,860] <err> nrf_cloud_log: Error sending message:-77
[00:00:14.794,952] <err> nrf_cloud_log: Data: [{"appId":"LOG","dom":0,"lvl":1,"src":"nrf_cloud_alert","ts":1731741735293,"seq":0,"msg":"Error sending alert via REST: -77"},{"appId":"LOG","dom":0,"lvl":1,"src":"iotr","ts":1731741735293,"seq":1,"msg":"Error sending alert to cloud: -77"}], len: 240
[00:00:14.895,111] <err> nrf_cloud_log: Error -77 ret 0 processing ring buffer
[00:00:14.895,111] <inf> nrf_cloud_log: Sent lines:0, bytes:0
[00:00:14.895,446] <inf> nrf_cloud_log: Sent lines:0, bytes:0
[00:00:15.457,275] <inf> nrf_provisioning_http: Connected
[00:00:15.457,305] <inf> nrf_provisioning_http: No more commands to process on server side
[00:00:15.457,305] <inf> iotr: Provisioning stopped

    I'll keep digging in to see if it's something else I'm missing.

  • 0 in reply to nrao32

    I tried generating a JWT token myself to test:

    char jwt_buf[512];
	char buf[64 + 1];

	struct jwt_data jwt = { .audience = NULL,
				.sec_tag = CONFIG_NRF_PROVISIONING_JWT_SEC_TAG,
				.key = JWT_KEY_TYPE_CLIENT_PRIV,
				.alg = JWT_ALG_TYPE_ES256,
				.jwt_buf = jwt_buf,
				.jwt_sz = sizeof(jwt_buf),
				/* The UUID is present in the iss claim */
				.subject = NULL };

	/* Check if modem time is valid */
	err = nrf_provisioning_at_time_get(buf, sizeof(buf));
	if (err != 0) {
		LOG_ERR("Modem does not have valid date/time, JWT not generated");
		return -ETIME;
	}

	jwt.exp_delta_s = CONFIG_NRF_PROVISIONING_JWT_MAX_VALID_TIME_S;

	LOG_INF("Generating JWT");
	err = modem_jwt_generate(&jwt);
	if (err) {
		LOG_ERR("modem_jwt_generate failed to generate, error: %d", err);
	}

    I get a token back, but something seems to be wrong with it. When I plug in the token to jwt.io for example, it says that the token has an invalid signature:



    The nRF cloud's JWT validator also says it's invalid:



Reply
  • 0 in reply to nrao32

    I tried generating a JWT token myself to test:

    char jwt_buf[512];
	char buf[64 + 1];

	struct jwt_data jwt = { .audience = NULL,
				.sec_tag = CONFIG_NRF_PROVISIONING_JWT_SEC_TAG,
				.key = JWT_KEY_TYPE_CLIENT_PRIV,
				.alg = JWT_ALG_TYPE_ES256,
				.jwt_buf = jwt_buf,
				.jwt_sz = sizeof(jwt_buf),
				/* The UUID is present in the iss claim */
				.subject = NULL };

	/* Check if modem time is valid */
	err = nrf_provisioning_at_time_get(buf, sizeof(buf));
	if (err != 0) {
		LOG_ERR("Modem does not have valid date/time, JWT not generated");
		return -ETIME;
	}

	jwt.exp_delta_s = CONFIG_NRF_PROVISIONING_JWT_MAX_VALID_TIME_S;

	LOG_INF("Generating JWT");
	err = modem_jwt_generate(&jwt);
	if (err) {
		LOG_ERR("modem_jwt_generate failed to generate, error: %d", err);
	}

    I get a token back, but something seems to be wrong with it. When I plug in the token to jwt.io for example, it says that the token has an invalid signature:



    The nRF cloud's JWT validator also says it's invalid:



Children
No Data
Related