Certificates for nRF Cloud

Where can I obtain the security certificates (e.g., client certificate/private key) needed for TLS authentication with nRF Cloud?
- Are these generated during device onboarding, or must they be pre-provisioned?

Parents
  • I completed the first step

    Updating the nRF Cloud certificate

    and registered my device (added JITP via the cellular monitor and registered the device in nRF Cloud).

    links 2 and 3 contain a lot of information. Do I need to perform all the actions described there?

    Is there a simpler and faster way to access nRF Cloud?

    I need a connection to nRF Cloud to use AGPS data. I want to use AT commands to determine my location via AGPS and/or cellular methods.

    Is there a simpler way to establish this connection?

  • nikolays said:
    links 2 and 3 contain a lot of information. Do I need to perform all the actions described there?

    "Device onboarding to nRF Cloud" describes different methods so you only need to follow one of them. You have followed JITP, so only the last paragraph is relevant for you. 

    "Securely generating credentials for nRF91 Series devices" also describes different methods for generating the credentials (Python script, AT commands, computer). You choose one of the methods. The Managing credentials part of that documentation also has two options to choose from. 

    nikolays said:

    Is there a simpler and faster way to access nRF Cloud?

    I need a connection to nRF Cloud to use AGPS data. I want to use AT commands to determine my location via AGPS and/or cellular methods.

    Is there a simpler way to establish this connection?

    The available methods to connect to nRF Cloud are all documented. Like I said, there are alternatives for some of the steps.

    JITP may be slow to connect the first time, and if you don't claim it in nRF Cloud it will not be faster on subsequent connections. Please make sure that you follow the documentation and claim your device in nRF Cloud. 

    Best regards,

    Maria

  • So, it seems that the JITP method is sufficient. Let me describe what I am doing in more detail.

    1. created the "nrf-35xxx....cert.json" file.

    2. flashed the firmware "AT commands" from nrf Quick Start.

    3. performed the steps to add the certificate via the Cellular monitor.

    4. added the device to nRF Cloud using the "add device" option (IMEI + PIN).

    5. tried to connect to nRF Cloud via the terminal:

    All pins have been configured as non-secure
    Booting TF-M v2.1.1-ncs4
    [Sec Thread] Secure image initializing!
    TF-M isolation level is: 0x00000001
    TF-M Float ABI: Hard
    Lazy stacking enabled
    Ready
    > AT+CEREG=5
    
    OK
    > AT+CFUN=1
    
    OK
    
    +CEREG: 2,"084D","00A52803",7
    
    +CEREG: 5,"084D","00A52803",7,,,"11100000","11100000"
    > AT#XNRFCLOUD=1
    
    OK
    
    #XNRFCLOUD: 0,0
    > AT#XNRFCLOUD=0
    
    ERROR
    > AT#XNRFCLOUD=1
    
    OK
    
    #XNRFCLOUD: 0,0
    > AT+CFUN?
    
    +CFUN: 1
    
    OK


    However, I was unable to connect to nRF Cloud using this method.

    I also tried to verify LTE connectivity using the nrf_cloud_multi_service example firmware. After flashing this firmware, I saw the data in my nRF Cloud account.

    Could you please help me understand why I am unable to connect to the nRF server using AT commands?

  • My best guess is that one of the prerequisites for using AT#XNRFCLOUD is not enabled by default for the "AT commands" FW. This prerequisite is that  CONFIG_SLM_NRF_CLOUD should be enabled. 

    We have samples in nRF Connect SDK which showcase the AT command functionality: AT Client and AT monitor. You can enable CONFIG_SLM_NRF_CLOUD for one of them and let me know if you're able to use AT#XNRFCLOUD=1 to connect to nRF Cloud then. 

    Best regards,

    Maria

Reply Children
No Data
Related