Can’t connect with AWS IoT sample with own CA

Hello,

I’m running the AWS IoT sample on nRF9160DK v1.1.3 using nrf-sdk and toolchain v2.9.0, modem v1.3.7.

Everything works fine when following the instructions with the “nRF91: Keys generated by AWS” method. Now, we are interested in doing JITP provisioning with our devices. For that, we are following the official AWS tutorial, creating and registering a CA with auto-provisioning enabled. The sample mosquitto command at the end works fine, but I’m then having trouble using the same generated certificates with my nRF9160.

Here’s what I’m getting when using my generated device certificate and private key (using my own registered CA):

*** Booting nRF Connect SDK v2.9.0-7787b2649840 ***
*** Using Zephyr OS v3.7.99-1f8f3dc29142 ***
[00:00:00.254,058] <inf> aws_iot_sample: The AWS IoT sample started, version: v1.0.0
[00:00:00.254,089] <inf> aws_iot_sample: Bringing network interface up and connecting to the network
[00:00:00.485,900] <inf> nrf_modem_lib_trace: Trace thread ready
[00:00:00.493,225] <inf> nrf_modem_lib_trace: Trace level override: 2
%MDMEV: SEARCH STATUS 1
+CEREG: 2,"BEB8","09743A06",7
+CSCON: 1
+CGEV: ME PDN ACT 0,0
+CNEC_ESM: 50,0
%MDMEV: SEARCH STATUS 2
+CEREG: 5,"BEB8","09743A06",7,,,"11100000","11100000"
[00:03:08.835,205] <inf> aws_iot_sample: Network connectivity established
+CSCON: 0
[00:03:13.835,357] <inf> aws_iot_sample: Connecting to AWS IoT
[00:03:19.403,137] <inf> aws_iot_sample: AWS_IOT_EVT_DISCONNECTED
[00:03:19.403,198] <err> mqtt_helper: Cloud MQTT input error: -128
[00:03:47.287,963] <err> aws_iot: Timed out waiting for subscription acknowledgments
[00:03:47.288,055] <err> mqtt_helper: Library is in the wrong state (MQTT_STATE_DISCONNECTED), MQTT_STATE_CONNECTED required
[00:03:47.288,055] <err> aws_iot: mqtt_helper_disconnect, error: -95
[00:03:47.288,085] <inf> aws_iot_sample: Connection attempt timed out, Next connection retry in 30 seconds
+CSCON: 1
+CSCON: 0
[00:03:47.288,360] <inf> aws_iot_sample: Connecting to AWS IoT
[00:03:54.575,836] <inf> aws_iot_sample: AWS_IOT_EVT_DISCONNECTED
[00:03:54.575,897] <err> mqtt_helper: Cloud MQTT input error: -128

I get the same errors if I try to concatenate my own CA with the device certificate (as done in the tutorial).

Do you have any idea what could be causing this, please? Is there another way to generate working certificates? Kconfig options to enable? More logs to enable?

Thanks, regards.
