I'm attempting to use AWS IoT Just In TIme Provisioning(JITP), but no luck. Any help.
I tested JITP on my account, not Nordic one, with local mosuqitto client on Mac and it works out.
I know JITP is available on nRF Cloud, but want to use it on my account.
After I flash a firmware and push reset button. I get this error.
***** Booting Zephyr OS v1.14.99-ncs2 ***** The MQTT simple sample started Deleting certs sec_tag: 16842753 nrf_inbuilt_key_delete(16842753, 0) => result=105 Deleting certs sec_tag: 16842753 nrf_inbuilt_key_delete(16842753, 1) => result=105 Deleting certs sec_tag: 16842753 nrf_inbuilt_key_delete(16842753, 2) => result=105 Deleting certs sec_tag: 16842753 nrf_inbuilt_key_delete(16842753, 3) => result=105 Deleting certs sec_tag: 16842753 nrf_inbuilt_key_delete(16842753, 4) => result=105 Write ca certs sec_tag: 16842753 CA_CERTIFICATE err: 105 LTE Link Connecting ... LTE Link Connected! ERROR: getaddrinfo failed 12
nrf_inbuilt_key_delete(16842753, 0) => result=105
This line(105, NRF_ENOBUFS) means buffer is not sufficient according to this page.
https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrfxlib/bsdlib/doc/api.html
How can I solve this? Thanks.
This page explains JITP
https://aws.amazon.com/jp/blogs/iot/setting-up-just-in-time-provisioning-with-aws-iot-core/
<certificates.h>
#define CLIENT_ID "555555" #define CLIENT_PRIVATE_KEY \ "-----BEGIN RSA PRIVATE KEY-----\n" \ . . "aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbvvvvvvvvvvvvvvvvvvvvvvvvv\n" \ "aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbvvvvvvvvvvvvvvvvvvvvvvvvv\n" \ . . "-----END RSA PRIVATE KEY-----\n" #define CLIENT_PUBLIC_CERTIFICATE \ "-----BEGIN CERTIFICATE-----\n" \ . . "aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbvvvvvvvvvvvvvvvvvvvvvvvvv\n" \ "aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbvvvvvvvvvvvvvvvvvvvvvvvvv\n" \ . . "biR8iAb8xoEkb0TyE/UcGFI2\n" \ "-----END CERTIFICATE-----\n" \ "-----BEGIN CERTIFICATE-----\n" \ . . "aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbvvvvvvvvvvvvvvvvvvvvvvvvv\n" \ "aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbvvvvvvvvvvvvvvvvvvvvvvvvv\n" \ . . "JqvXo+GfWAvo1Zqj7ZGjpc+uNN4B6Kvib5s12PrtWTWfTZEuIHrBNCYs2DxN\n" \ "-----END CERTIFICATE-----\n" #define CA_CERTIFICATE \ "-----BEGIN CERTIFICATE-----\n" \ . . "aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbvvvvvvvvvvvvvvvvvvvvvvvvv\n" \ "aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbvvvvvvvvvvvvvvvvvvvvvvvvv\n" \ . . "-----END CERTIFICATE-----\n"
<prj.conf>
# General config CONFIG_TEST_RANDOM_GENERATOR=y CONFIG_REBOOT=y # Networking CONFIG_NETWORKING=y CONFIG_NET_SOCKETS_OFFLOAD=y CONFIG_NET_SOCKETS=y CONFIG_NET_SOCKETS_POSIX_NAMES=y # LTE link control CONFIG_LTE_LINK_CONTROL=y CONFIG_LTE_LOCK_BANDS=y CONFIG_LTE_AUTO_INIT_AND_CONNECT=n # BSD library CONFIG_BSD_LIBRARY=y # AT Host CONFIG_UART_INTERRUPT_DRIVEN=y CONFIG_AT_HOST_LIBRARY=n # MQTT CONFIG_MQTT_LIB=y CONFIG_MQTT_LIB_TLS=y # Appliaction CONFIG_MQTT_PUB_TOPIC="myTopic/publish" CONFIG_MQTT_SUB_TOPIC="myTopic/subscribe" CONFIG_MQTT_CLIENT_ID="555555" CONFIG_MQTT_BROKER_HOSTNAME="xxxxxxxxxxxx.amazonaws.com" CONFIG_MQTT_BROKER_PORT=8883 CONFIG_SEC_TAG=16842753 CONFIG_PROVISION_CERTIFICATES=y CONFIG_CERTIFICATES_FILE="certificates.h" # Main thread CONFIG_MAIN_THREAD_PRIORITY=7 CONFIG_MAIN_STACK_SIZE=8192 CONFIG_HEAP_MEM_POOL_SIZE=8192 CONFIG_NO_OPTIMIZATIONS=y # Disable native network stack to save some memory CONFIG_NET_IPV4=n CONFIG_NET_IPV6=n CONFIG_NET_UDP=n CONFIG_NET_TCP=n CONFIG_NET_RX_STACK_SIZE=256 CONFIG_NET_TX_STACK_SIZE=256
<main.c>
. . static int provision_certificate(void) { #if defined(CONFIG_PROVISION_CERTIFICATES) #if defined(CONFIG_BSD_LIBRARY) { int err; /* Delete certificates */ nrf_sec_tag_t sec_tag = (nrf_sec_tag_t) sec_tag_list[0]; for (nrf_key_mgnt_cred_type_t type = 0; type < 5; type++) { printk("Deleting certs sec_tag: %d\n", sec_tag); err = nrf_inbuilt_key_delete(sec_tag, type); printk("nrf_inbuilt_key_delete(%u, %d) => result=%d\n", sec_tag, type, err); } #if defined(CA_CERTIFICATE) /* Provision CA Certificate. */ printk("Write ca certs sec_tag: %d\n", sec_tag); err = nrf_inbuilt_key_write(sec_tag, NRF_KEY_MGMT_CRED_TYPE_CA_CHAIN, CA_CERTIFICATE, strlen(CA_CERTIFICATE)); if (err) { printk("CA_CERTIFICATE err: %d\n", err); return err; } #endif #if defined (CLIENT_PRIVATE_KEY) /* Provision Private Certificate. */ printk("Write private cert sec_tag: %d\n", sec_tag); err = nrf_inbuilt_key_write( sec_tag, NRF_KEY_MGMT_CRED_TYPE_PRIVATE_CERT, CLIENT_PRIVATE_KEY, strlen(CLIENT_PRIVATE_KEY)); if (err) { printk("CLIENT_PRIVATE_KEY err: %d\n", err); return err; } #endif #if defined(CLIENT_PUBLIC_CERTIFICATE) /* Provision Public Certificate. */ printk("Write public cert sec_tag: %d\n", sec_tag); err = nrf_inbuilt_key_write( sec_tag, NRF_KEY_MGMT_CRED_TYPE_PUBLIC_CERT, CLIENT_PUBLIC_CERTIFICATE, strlen(CLIENT_PUBLIC_CERTIFICATE)); if (err) { printk("CLIENT_PUBLIC_CERTIFICATE err: %d\n", err); return err; } } #endif #else { int err; err = tls_credential_add(CONFIG_SEC_TAG, TLS_CREDENTIAL_CA_CERTIFICATE, NRF_CLOUD_CA_CERTIFICATE, sizeof(NRF_CLOUD_CA_CERTIFICATE)); if (err < 0) { printk("Failed to register ca certificate: %d\n", err); return err; } err = tls_credential_add(CONFIG_SEC_TAG, TLS_CREDENTIAL_PRIVATE_KEY, NRF_CLOUD_CLIENT_PRIVATE_KEY, sizeof(NRF_CLOUD_CLIENT_PRIVATE_KEY)); if (err < 0) { printk("Failed to register private key: %d\n", err); return err; } err = tls_credential_add(CONFIG_SEC_TAG, TLS_CREDENTIAL_SERVER_CERTIFICATE, NRF_CLOUD_CLIENT_PUBLIC_CERTIFICATE, sizeof(NRF_CLOUD_CLIENT_PUBLIC_CERTIFICATE)); if (err < 0) { printk("Failed to register public certificate: %d\n", err); return err; } } #endif /* defined(CONFIG_BSD_LIBRARY) */ #endif /* defined(CONFIG_PROVISION_CERTIFICATES) */ return 0; } . .