I have the DA16200 evaluation board. I am trying to connect to my AWS account. I have mqtt_config set up as shown below. When I try to connect I get the following message. It is crucial that I am able to connect to my AWS account using TLS and certificates. I have loaded the 3 certificates that I use to connect to my AWS account from other boards. These certificates work for all other cases.
[/DA16200/NET] # cert
#1 (MQTT, Enterprise)
 - Root CA: O
 - Certificate: O
 - Private Key: O
 - DH Parameter: X
#2 (HTTPs, CoAPs Client)
 - Root CA: X
 - Certificate: X
 - Private Key: X
 - DH Parameter: X
mqtt_client_check_conn failed
[mosquitto__socket_connect_tls] Failed to establish tls-sess(0x7200)
[_mosquitto_socket_connect_step3] Failed to connect tls-sess(19)
Unable to connect (TLS Handshake failed.)
[SUB] REQ mqtt_restart (count=1)
MQTT Client Information:
 - MQTT Status : Not Running
 - Broker IP : xxx-ats.iot.us-east-1.amazonaws.com
 - Port : 8883
 - Pub. Topic : da16k
 - Sub. Topic : da16ks
 - QoS Level : 1
 - TLS : Enable
 - Ping Period : 600
 - TLS Incoming buf : 4096(bytes)
 - TLS Outgoing buf : 4096(bytes)
 - TLS Auth mode : 1
 - User name : <None>
 - Password : (None)
 - Client ID : test_id
 - MQTT VER : 3.1
Hi There,
Thanks for your question. Can you please share the complete log file? What is the SDK version that you are using?
If you are using the AT Commands, please also share the sequence of the commands.
Thanks, PM_Dialog
[dpm_init_retmemory] DPM INIT CONFIGURATION(1)
******************************************************
* DA16200 SDK Information
* ---------------------------------------------------
*
* - CPU Type : Cortex-M4 (120MHz)
* - OS Type : FreeRTOS 10.4.3
* - Serial Flash : 4 MB
* - SDK Version : V3.1.2.0 GEN
* - F/W Version : FRTOS-GEN01-01-15022-000000
* - F/W Build Time : Oct 27 2021 10:51:30
* - Boot Index : 0
*
******************************************************
System Mode : Station Only (0)
>>> DA16x Supp Ver2.7 - 2020_07
>>> MAC address (sta0) : d4:3d:39:10:ce:bc
>>> sta0 interface add OK
>>> Start STA mode...
associating with AP with corrupt beacon
>>> Network Interface (wlan0) : UP
>>> Associated with a0:64:8f:3a:a2:c8
Connection COMPLETE to a0:64:8f:3a:a2:c8
-- DHCP Client WLAN0: SEL(6)
-- DHCP Client WLAN0: REQ(1)
-- DHCP Client WLAN0: CHK(8)
-- DHCP Client WLAN0: BOUND(10)
Assigned addr : 192.168.1.146
netmask : 255.255.255.0
gateway : 192.168.1.1
DNS addr : 192.168.1.1
DHCP Server IP : 192.168.1.1
Lease Time : 168h 00m 00s
Renewal Time : 84h 00m 00s
>>> SNTP Server: pool.ntp.org (173.0.48.220)
>>> SNTP Time sync : 2021.11.02 - 08:57:03
start subscribe callback
WLAN0 - D4:3D:39:10:CE:BC - Current Time : 53808.04.09 11:02:45 (GMT -4:00)
mqtt_client_check_conn failed
[mosquitto__socket_connect_tls] Failed to establish tls-sess(0x7200)
[_mosquitto_socket_connect_step3] Failed to connect tls-sess(19)
Unable to connect (TLS Handshake failed.)
[SUB] REQ mqtt_restart (count=1)
[mosquitto__socket_connect_tls] Failed to establish tls-sess(0x7200)
[_mosquitto_socket_connect_step3] Failed to connect tls-sess(19)
Unable to connect (TLS Handshake failed.)
[SUB] REQ mqtt_restart (count=2)
[mosquitto__socket_connect_tls] Failed to establish tls-sess(0x7200)
[_mosquitto_socket_connect_step3] Failed to connect tls-sess(19)
Unable to connect (TLS Handshake failed.)
[SUB] REQ mqtt_restart (count=3)
[mosquitto__socket_connect_tls] Failed to establish tls-sess(0x7200)
[_mosquitto_socket_connect_step3] Failed to connect tls-sess(19)
Unable to connect (TLS Handshake failed.)
[SUB] REQ mqtt_restart (count=4)
[mosquitto__socket_connect_tls] Failed to establish tls-sess(0x7200)
[_mosquitto_socket_connect_step3] Failed to connect tls-sess(19)
Unable to connect (TLS Handshake failed.)
[SUB] REQ mqtt_restart (count=5)
[mosquitto__socket_connect_tls] Failed to establish tls-sess(0x7200)
[_mosquitto_socket_connect_step3] Failed to connect tls-sess(19)
Unable to connect (TLS Handshake failed.)
[SUB] MAX Retry (Retry Cnt=6).
[mqtt_client] terminated
Thanks for sharing the complete log file. We'll go through it. In the meantime, can you check if you can replicate it with our latest SDK release?
I created an AWS thing (neuroalert) and downloaded the certificates. My settings are shown below.
MQTT Client Information:
 - MQTT Status : Not Running
 - Broker IP : ****-ats.iot.us-east-1.amazonaws.com
 - Port : 8883
 - Pub. Topic : da16k
 - Sub. Topic : da16ks
 - QoS Level : 1
 - TLS : Enable
 - Ping Period : 600
 - TLS Incoming buf : 4096(bytes)
 - TLS Outgoing buf : 4096(bytes)
 - TLS Auth mode : 1
 - User name : (None)
 - Password : (None)
 - Client ID : neuroalert
 - MQTT VER : 3.1
I get the following:
mqtt_client_check_conn failed
[mosquitto__socket_connect_tls] Failed to establish tls-sess(0x7200)
[_mosquitto_socket_connect_step3] Failed to connect tls-sess(19)
Unable to connect (TLS Handshake failed.)
[SUB] REQ mqtt_restart (count=1)
[mosquitto__socket_connect_tls] Failed to establish tls-sess(0x7200)
[_mosquitto_socket_connect_step3] Failed to connect tls-sess(19)
Unable to connect (TLS Handshake failed.)
[SUB] REQ mqtt_restart (count=2)
[mosquitto__socket_connect_tls] Failed to establish tls-sess(0x7200)
[_mosquitto_socket_connect_step3] Failed to connect tls-sess(19)
Unable to connect (TLS Handshake failed.)
[SUB] REQ mqtt_restart (count=3)
[mosquitto__socket_connect_tls] Failed to establish tls-sess(0x7200)
[_mosquitto_socket_connect_step3] Failed to connect tls-sess(19)
Unable to connect (TLS Handshake failed.)
[SUB] REQ mqtt_restart (count=4)
[mosquitto__socket_connect_tls] Failed to establish tls-sess(0x7200)
[_mosquitto_socket_connect_step3] Failed to connect tls-sess(19)
Unable to connect (TLS Handshake failed.)
[SUB] REQ mqtt_restart (count=5)
[mosquitto__socket_connect_tls] Failed to establish tls-sess(0x7200)
[_mosquitto_socket_connect_step3] Failed to connect tls-sess(19)
Unable to connect (TLS Handshake failed.)
[SUB] MAX Retry (Retry Cnt=6).
[mqtt_client] terminated
I tried using the same certificates to send a message using mosquitto_sub.exe on my PC. The 3 certificates are the same as cert 0/1/2 and the broker and topic are the same. It works perfectly from my PC using the certs, broker, and port as shown below. These match the ones in the DA16200 board. The DA16200 does not work. What am I missing?
PS C:\Mosquitto> .\mosquitto_pub.exe -h *****-ats.iot.us-east-1.amazonaws.com -p 8883 -t da16ks -m "hello world" --cafile .\AmazonRootCA1.pem --cert .\neuroalert-certificate.pem.crt --key .\neuroalert-private.pem.key -d
Client (null) sending CONNECT
Client (null) received CONNACK (0)
Client (null) sending PUBLISH (d0, q0, r0, m1, 'da16ks', ... (11 bytes))
Client (null) sending DISCONNECT
PS
in AWS IOTR at topic da16ks
hello world
Can you please indicate the SDK example that you are using? Is it the SDK image, or the Eclipse project?
Additionally, are you using AT commands? Can you please share the steps we should follow in order to replicate it?
I am using the example below and just setting the MQTT parameters under the [/DA16200/NET] # tab.
I am not using any AT commands. I am using the CERT command to load the same 3 cert files that I have used on my local PC to connect to AWS as shown above. I am using the same AWS endpoint and port. The only difference is the DA16200 eval board. I am building and compiling with Eclipse. I am flashing with TeraTerm using the macro option in the directory shown below.
C:\.....\SDK\DA16200_SDK_FreeRTOS_v3.1.2.0\DA16200_SDK_QFN_v3.1.2.0\customer\projects
C:\.....\SDK\DA16200_SDK_FreeRTOS_v3.1.2.0\DA16200_SDK_QFN_v3.1.2.0\img
Any idea why I cannot connect to AWS? This is a requirement of the project. I have loaded the certs and failed to connect to my AWS account. I have used these same certs from my local PC and made a connection and could publish to my AWS account as shown above. This indicates the host name and certs are correct. Can someone point me to anyone who can use the DA16200 and connect to AWS using TLS?
Hi tjm,
I have escalated this to our CS Team internally to take a look. I'll get back to you ASAP.
Thank you very much. I am sure it is operator error and I have just missed a setting or something. I followed the instructions in the MQTT document below to get it to work without TLS on my local MQTT broker but could not get it to work with TLS either on my local broker or AWS.
User Manual DA16200 MQTT Programmer Guide UM-WI-010