Hi,
I used DK board for quite a while with a single certificate, which has been generated and written by nrf_modem functions.
Recently I upgraded the modem to firmware 1.2 and also regenerated certificates. Since this point I constantly getting error -45 while connecting to MQTT.
I know that error means that TLS cannot be established so the following things were done:
1. in AWS the IoT policy allows any device to connect (same as before) and custom CA certificate is used (also same as before). Now I see absolutely nothing in the AWS logs, which means that TLS connection itself cannot be established for some reason. That gives me an idea that something is to do with CA root certificate, although same CA cert worked before.
2. I reverted back to the original certificate which worked before and now it is also not working. That gave me a clue that something changed in 1.2 firmware or something happening during the cert write step.
3. I used three options to write certificates: manually through UART, using nRF LTE Link Monitor and using modem_key_mgmt_write (which basically just sends AT commands). All three options return OK but I'm still getting error -45
4. In the documentation I noticed that private key has to be password protected and password is *the mandatory* parameter. I haven't used password protected private keys here, even LTE Link Monitor doesn't let you to specify the password, although it is required as per docs. Regardless, I tried to write protected private key with password using UART. Response was OK, result: same error -45
5. same sec tag is used as before, same source code worked before.
1. Anyone has any clue what may has happened?
2. Should private key be protected or not as per original design?
Thanks
