I'm attempting to use AWS IoT Just In TIme Provisioning(JITP), but no luck. Any help.
I tested JITP on my account, not Nordic one, with local mosuqitto client on Mac and it works out.
I know JITP is available on nRF Cloud, but want to use it on my account.
After I flash a firmware and push reset button. I get this error.
***** Booting Zephyr OS v1.14.99-ncs2 ***** The MQTT simple sample started Deleting certs sec_tag: 16842753 nrf_inbuilt_key_delete(16842753, 0) => result=105 Deleting certs sec_tag: 16842753 nrf_inbuilt_key_delete(16842753, 1) => result=105 Deleting certs sec_tag: 16842753 nrf_inbuilt_key_delete(16842753, 2) => result=105 Deleting certs sec_tag: 16842753 nrf_inbuilt_key_delete(16842753, 3) => result=105 Deleting certs sec_tag: 16842753 nrf_inbuilt_key_delete(16842753, 4) => result=105 Write ca certs sec_tag: 16842753 CA_CERTIFICATE err: 105 LTE Link Connecting ... LTE Link Connected! ERROR: getaddrinfo failed 12
nrf_inbuilt_key_delete(16842753, 0) => result=105
This line(105, NRF_ENOBUFS) means buffer is not sufficient according to this page.
https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrfxlib/bsdlib/doc/api.html
How can I solve this? Thanks.
This page explains JITP
https://aws.amazon.com/jp/blogs/iot/setting-up-just-in-time-provisioning-with-aws-iot-core/
<certificates.h>
#define CLIENT_ID "555555" #define CLIENT_PRIVATE_KEY \ "-----BEGIN RSA PRIVATE KEY-----\n" \ . . "aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbvvvvvvvvvvvvvvvvvvvvvvvvv\n" \ "aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbvvvvvvvvvvvvvvvvvvvvvvvvv\n" \ . . "-----END RSA PRIVATE KEY-----\n" #define CLIENT_PUBLIC_CERTIFICATE \ "-----BEGIN CERTIFICATE-----\n" \ . . "aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbvvvvvvvvvvvvvvvvvvvvvvvvv\n" \ "aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbvvvvvvvvvvvvvvvvvvvvvvvvv\n" \ . . "biR8iAb8xoEkb0TyE/UcGFI2\n" \ "-----END CERTIFICATE-----\n" \ "-----BEGIN CERTIFICATE-----\n" \ . . "aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbvvvvvvvvvvvvvvvvvvvvvvvvv\n" \ "aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbvvvvvvvvvvvvvvvvvvvvvvvvv\n" \ . . "JqvXo+GfWAvo1Zqj7ZGjpc+uNN4B6Kvib5s12PrtWTWfTZEuIHrBNCYs2DxN\n" \ "-----END CERTIFICATE-----\n" #define CA_CERTIFICATE \ "-----BEGIN CERTIFICATE-----\n" \ . . "aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbvvvvvvvvvvvvvvvvvvvvvvvvv\n" \ "aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbvvvvvvvvvvvvvvvvvvvvvvvvv\n" \ . . "-----END CERTIFICATE-----\n"
<prj.conf>
# General config CONFIG_TEST_RANDOM_GENERATOR=y CONFIG_REBOOT=y # Networking CONFIG_NETWORKING=y CONFIG_NET_SOCKETS_OFFLOAD=y CONFIG_NET_SOCKETS=y CONFIG_NET_SOCKETS_POSIX_NAMES=y # LTE link control CONFIG_LTE_LINK_CONTROL=y CONFIG_LTE_LOCK_BANDS=y CONFIG_LTE_AUTO_INIT_AND_CONNECT=n # BSD library CONFIG_BSD_LIBRARY=y # AT Host CONFIG_UART_INTERRUPT_DRIVEN=y CONFIG_AT_HOST_LIBRARY=n # MQTT CONFIG_MQTT_LIB=y CONFIG_MQTT_LIB_TLS=y # Appliaction CONFIG_MQTT_PUB_TOPIC="myTopic/publish" CONFIG_MQTT_SUB_TOPIC="myTopic/subscribe" CONFIG_MQTT_CLIENT_ID="555555" CONFIG_MQTT_BROKER_HOSTNAME="xxxxxxxxxxxx.amazonaws.com" CONFIG_MQTT_BROKER_PORT=8883 CONFIG_SEC_TAG=16842753 CONFIG_PROVISION_CERTIFICATES=y CONFIG_CERTIFICATES_FILE="certificates.h" # Main thread CONFIG_MAIN_THREAD_PRIORITY=7 CONFIG_MAIN_STACK_SIZE=8192 CONFIG_HEAP_MEM_POOL_SIZE=8192 CONFIG_NO_OPTIMIZATIONS=y # Disable native network stack to save some memory CONFIG_NET_IPV4=n CONFIG_NET_IPV6=n CONFIG_NET_UDP=n CONFIG_NET_TCP=n CONFIG_NET_RX_STACK_SIZE=256 CONFIG_NET_TX_STACK_SIZE=256
<main.c>
.
.
static int provision_certificate(void)
{
#if defined(CONFIG_PROVISION_CERTIFICATES)
#if defined(CONFIG_BSD_LIBRARY)
{
int err;
/* Delete certificates */
nrf_sec_tag_t sec_tag = (nrf_sec_tag_t) sec_tag_list[0];
for (nrf_key_mgnt_cred_type_t type = 0; type < 5; type++) {
printk("Deleting certs sec_tag: %d\n", sec_tag);
err = nrf_inbuilt_key_delete(sec_tag, type);
printk("nrf_inbuilt_key_delete(%u, %d) => result=%d\n",
sec_tag, type, err);
}
#if defined(CA_CERTIFICATE)
/* Provision CA Certificate. */
printk("Write ca certs sec_tag: %d\n", sec_tag);
err = nrf_inbuilt_key_write(sec_tag,
NRF_KEY_MGMT_CRED_TYPE_CA_CHAIN,
CA_CERTIFICATE,
strlen(CA_CERTIFICATE));
if (err) {
printk("CA_CERTIFICATE err: %d\n", err);
return err;
}
#endif
#if defined (CLIENT_PRIVATE_KEY)
/* Provision Private Certificate. */
printk("Write private cert sec_tag: %d\n", sec_tag);
err = nrf_inbuilt_key_write(
sec_tag,
NRF_KEY_MGMT_CRED_TYPE_PRIVATE_CERT,
CLIENT_PRIVATE_KEY,
strlen(CLIENT_PRIVATE_KEY));
if (err) {
printk("CLIENT_PRIVATE_KEY err: %d\n", err);
return err;
}
#endif
#if defined(CLIENT_PUBLIC_CERTIFICATE)
/* Provision Public Certificate. */
printk("Write public cert sec_tag: %d\n", sec_tag);
err = nrf_inbuilt_key_write(
sec_tag,
NRF_KEY_MGMT_CRED_TYPE_PUBLIC_CERT,
CLIENT_PUBLIC_CERTIFICATE,
strlen(CLIENT_PUBLIC_CERTIFICATE));
if (err) {
printk("CLIENT_PUBLIC_CERTIFICATE err: %d\n",
err);
return err;
}
}
#endif
#else
{
int err;
err = tls_credential_add(CONFIG_SEC_TAG,
TLS_CREDENTIAL_CA_CERTIFICATE,
NRF_CLOUD_CA_CERTIFICATE,
sizeof(NRF_CLOUD_CA_CERTIFICATE));
if (err < 0) {
printk("Failed to register ca certificate: %d\n",
err);
return err;
}
err = tls_credential_add(CONFIG_SEC_TAG,
TLS_CREDENTIAL_PRIVATE_KEY,
NRF_CLOUD_CLIENT_PRIVATE_KEY,
sizeof(NRF_CLOUD_CLIENT_PRIVATE_KEY));
if (err < 0) {
printk("Failed to register private key: %d\n",
err);
return err;
}
err = tls_credential_add(CONFIG_SEC_TAG,
TLS_CREDENTIAL_SERVER_CERTIFICATE,
NRF_CLOUD_CLIENT_PUBLIC_CERTIFICATE,
sizeof(NRF_CLOUD_CLIENT_PUBLIC_CERTIFICATE));
if (err < 0) {
printk("Failed to register public certificate: %d\n",
err);
return err;
}
}
#endif /* defined(CONFIG_BSD_LIBRARY) */
#endif /* defined(CONFIG_PROVISION_CERTIFICATES) */
return 0;
}
.
.
