• State Not Answered
  • Replies 4 replies
  • Subscribers 68 subscribers
  • Views 1092 views
  • Users 0 members are here
Attachments (1) Download All
Nordic Case Info
  • Case ID: 236530
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Thingy:91 no certificates - at_client timeout

l92

I received the device and tried running the default asset tracker that was installed and kept getting these messages:

DEBUG modem << Connected to LTE network\x0D\x0A

DEBUG modem << [00:00:06.666,076] \x1B[0m<dbg> nrf_cloud_transport.nct_connect: IPv4 Address ...

DEBUG modem << cloud_connect failed: -111\x0D\x0A

DEBUG modem << LTE link disconnect\x0D

First I tried updating the modem firmware and application to the newest versions but that did not help.

I read a few posts about the certificates and my device did not list any. I installed the at_client example and tried loading new certificates on, I was successful only once but unfortunately I generated the certificates wrong.

After hundreds of reboots of the device most of the time when opening the Link Monitor I only get this displayed in the terminal and all commands entered will timeout:

98% of the time I cannot run any commands, but when I am able to run a few simple commands like display the modem firmware version, or list certificates, when I then try to load on the new certificates I get the timeout again and no further commands work.

This is getting very frustrating, any help would be greatly appreciated.

Parents
  • 0

    Hi!

    To load new certificates you need to be running a firmware with increased buffer to support long AT-commands. Could you try flashing the attached .hex file and then updating the certificates?

    thingy91_at_client.hex

    Best regards,

    Heidi

  • 0 in reply to Heidi-Irene Harvey Sollie

    That did allow me to get the certificates on but unfortunately the asset tracker example is still in the loop of connecting and disconnecting along with the error cloud_connect failed: -111

    I flashed the device with the file you attached. Then requested the certificates using this commend: echo -n <pin> | http api.nrfcloud.com/.../certificates Authorization:"Bearer <api key>"

    Then I loaded the returned values onto the device and then flashed with thingy91_ltem_v0.2.2.hex

    Am I doing something wrong?

  • 0 in reply to l92

    Did you add the Amazon Root CA 1 to the certificate? It should look something like

    {
         "clientId":"nrf-IMEI",
         "publicKey":"-----BEGIN CERTIFICATE-----\n ... \n-----END CERTIFICATE-----\n",
         "privateKey":"-----BEGIN RSA PRIVATE KEY-----\n ... \n-----END RSA PRIVATE KEY-----\n",
         "clientCert":"-----BEGIN CERTIFICATE-----\n ... \n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\n ... \n-----END CERTIFICATE-----\n",
         "caCert":     "-----BEGIN CERTIFICATE-----\nMIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF\nADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6\nb24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL\nMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv\nb3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj\nca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM\n9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw\nIFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6\nVOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L\n93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm\njgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA\nA4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI\nU5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs\nN+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv\no/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU\n5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy\nrqXRfboQnoZsG4q5WTP468SQvvG5\n-----END CERTIFICATE-----\n"
    }



    l92 said:
    Then I loaded the returned values onto the device and then flashed with thingy91_ltem_v0.2.2.hex

     I'm not sure what you mean by this. 

    You should use LTE Link Monitor's "Certificate Manager" to update the certificates. To do this, it is important that the at-client firmware is running in the device. When this is complete, flash the asset_tracker example and try to connect. 

    Note that if you have connected your device to the nRF Cloud platform once before you need to delete the device using the DELETE endpoint before using the certificates. Use the following command, but make sure you have curl installed and in your system path: Using Chocolatey, run choco install curl

    <clientId> in the format “nrf-IMEI” found on the label on the Thingy:91.
    <API Key> found under your nRF Cloud Account.

    curl -X DELETE "">api.nrfcloud.com/.../<clientId>" -H "accept: */*" -H "Authorization: Bearer <API Key>" -H "Content-Type: application/json" -d "<PIN>"

    Best regards,

    Heidi

Reply
  • 0 in reply to l92

    Did you add the Amazon Root CA 1 to the certificate? It should look something like

    {
         "clientId":"nrf-IMEI",
         "publicKey":"-----BEGIN CERTIFICATE-----\n ... \n-----END CERTIFICATE-----\n",
         "privateKey":"-----BEGIN RSA PRIVATE KEY-----\n ... \n-----END RSA PRIVATE KEY-----\n",
         "clientCert":"-----BEGIN CERTIFICATE-----\n ... \n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\n ... \n-----END CERTIFICATE-----\n",
         "caCert":     "-----BEGIN CERTIFICATE-----\nMIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF\nADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6\nb24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL\nMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv\nb3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj\nca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM\n9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw\nIFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6\nVOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L\n93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm\njgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA\nA4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI\nU5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs\nN+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv\no/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU\n5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy\nrqXRfboQnoZsG4q5WTP468SQvvG5\n-----END CERTIFICATE-----\n"
    }



    l92 said:
    Then I loaded the returned values onto the device and then flashed with thingy91_ltem_v0.2.2.hex

     I'm not sure what you mean by this. 

    You should use LTE Link Monitor's "Certificate Manager" to update the certificates. To do this, it is important that the at-client firmware is running in the device. When this is complete, flash the asset_tracker example and try to connect. 

    Note that if you have connected your device to the nRF Cloud platform once before you need to delete the device using the DELETE endpoint before using the certificates. Use the following command, but make sure you have curl installed and in your system path: Using Chocolatey, run choco install curl

    <clientId> in the format “nrf-IMEI” found on the label on the Thingy:91.
    <API Key> found under your nRF Cloud Account.

    curl -X DELETE "">api.nrfcloud.com/.../<clientId>" -H "accept: */*" -H "Authorization: Bearer <API Key>" -H "Content-Type: application/json" -d "<PIN>"

    Best regards,

    Heidi

Children
No Data
Related