• State Not Answered
  • Replies 2 replies
  • Subscribers 74 subscribers
  • Views 1137 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 283114
Options

Provisioning Device Certificate for AWS on Thingy91

rishj09

Hi! 

I am in the process of trying to install the Asset Tracker on my Thingy91. I have got it to work with nrfCloud and I am now trying to configure it to use the AWS backend. I am having some trouble with it working and my suspicion is that it is due to me not provisioning the certificates correctly on my device.

Here is what works: 

  1. Thingy91 with nrfCloud 
  2. My nRF9160 DK with AWS (should indicate that the configuration is probably correct for the FW I am putting on the devices) 

When I try to use my Thingy91, it is unable to connect and the following error(s) are sent over the serial terminal 

[00:00:35.701,660] <inf> event_manager: CLOUD_EVT_CONNECTION_TIMEOUT
[00:00:35.708,770] <wrn> aws_iot: connection_poll_start failed, error: -119
[00:00:35.716,339] <err> aws_iot_integration: aws_iot_connect, error: -119
[00:00:35.723,846] <err> cloud_module: cloud_connect failed, error: -119
[00:00:35.731,201] <wrn> cloud_module: Cloud connection establishment in progress
[00:00:35.739,349] <wrn> cloud_module: New connection attempt in 64 seconds if not successful
[00:01:39.748,687] <inf> event_manager: CLOUD_EVT_CONNECTION_TIMEOUT
[00:01:39.755,798] <wrn> aws_iot: connection_poll_start failed, error: -119
[00:01:39.763,458] <err> aws_iot_integration: aws_iot_connect, error: -119
[00:01:39.770,965] <err> cloud_module: cloud_connect failed, error: -119
[00:01:39.778,289] <wrn> cloud_module: Cloud connection establishment in progress
[00:01:39.786,407] <wrn> cloud_module: New connection attempt in 128 seconds if not successful

I believe that the issue is in how I am configuring the certificates on my Thingy91 device. More generally I would say, I am not exactly sure of how to think of the device connections between my computer (M1 Macbook, running nRF Connect SDK v1.8 w/Visual Studio Code) and the Thingy91 device when programming it. Based on my understanding, I need to use an external debugger when I program/debug the device. Thus, I connect my DK to my computer via microUSB then connect the Thingy91 to the DK with the 2x5 debug cable. If I plug in the Thingy directly, I am unable to see it in my 'Connected Devices' Pane in VSCode and I believe this is expected behavior as the Thingy does not have a debugger built in. Thus, I follow the setup described above with the DK acting as an intermediary between my computer and the Thingy. 

Here are the main questions I have 

  1. When programming the Thingy with the setup described above, is it normal to still see the connected device recognized as nrf9160 DK in VS Code? 
  2. How would I access the UART terminal on the Thingy with the above setup? When I try to connect to VCOM0/VCOM2, it seems that it is displaying information from the module on the DK instead of the Thingy. Do I need an additional microUSB cable to talk to the Thingy directly via UART while it is getting program/debug connections through the DK?

With the above confusion, I believe I have the wrong procedure for programming the required CA certificates for AWS when following this step of the guide: 

https://nordicsemiconductor.github.io/asset-tracker-cloud-docs/v1.8.x/docs/aws/GettingStarted/DeviceCredentials.html

 node cli create-and-provision-device-cert

If I plug in the Thingy91 directly to my computer via microUSB, I get a JLink error (which I believe is expected as there is no debugger currently between my laptop and the Thingy). I did try to use a setup with the DK in the middle but I believe that process is simply updating the CA certificate on the DK rather than the Thingy. In order for it it work, I had to add the --dk option along with specifying the port the device was connected to. Again, I am not sure here which one I selected but it seems that the AT command worked correctly (based on --debug output) if I selected the port corresponding to VCOM0. I should note here that I never got a message with the IMEI of the device (which seems should be printed when looking at the source script for this device). 

Overall, I just want some clarification on the best way to program + debug + interact with my Thingy91 and flash the CA certificate for AWS. If what I described here seems correct, are there any other issues that may cause the error I saw? 

Thank you very much! 

  • 0

    Hello, 


    I am in the process of trying to install the Asset Tracker on my Thingy91.

    We do recommend using the Asset Tracker v2, as this is designed for this purpose.

    I am having some trouble with it working and my suspicion is that it is due to me not provisioning the certificates correctly on my device.

    Yes, errno -119 is often seen in regards to certificates. Have you added the device to AWS, and downloaded the correct certificates? You can follow the steps provided in the nRF9160: AWS FOTA sample.

    . Based on my understanding, I need to use an external debugger when I program/debug the device. Thus, I connect my DK to my computer via microUSB then connect the Thingy91 to the DK with the 2x5 debug cable.

    The Thingy:91 User Guide has a detailed description on how to update the Thingy:91 using an external debug probe. 

    I did try to use a setup with the DK in the middle but I believe that process is simply updating the CA certificate on the DK rather than the Thingy.

    When connecting the external debug probe to Debug Out (P22) on the nRF9160DK, it will handle the connection automatically. Note that the Thingy:91 must be powered on. To ensure that it is powered, please connect a micro USB cable and switch ON the device. Make sure to use a USB cable that supports data in order for the device to show in LTE Link Monitor.

    You can use the Certificate Manager to update the certificates on your device. 

    The UART connection is handled by the nRF52 on the Thingy:91, running the Connectivity Bridge

    Also, please see the Working with Thingy:91 in our nRF Connect SDK documentation

    Kind regards,
    Øyvind

  • 0

    Thank you for your help. I was using Asset Tracker v2 but had a misunderstanding of how the UART connection was being handled by the Thingy91. I took your advice and connected both the DK (which was connected over the 10-pin to the Thingy) and the Thingy to my computer. This way, I was able to flash the memory on the Thingy and communicate with it over UART. Ultimately, this was the command that helped me flash the certificate on the Thingy. I had to add the -x flag to overwrite the pre-existing certificate as I was getting an error in the process where the script was trying to provision the certificate

     node cli create-and-provision-device-cert -p /dev/tty.usbmodem11401 -X


Related
Terms of service