Connect to Amazon IoT using NetXDuo

Serhii Cherkasov 81 Reputation points
2022-11-14T14:34:16.49+00:00

Hi, I'm testing the connection to cloud services using MQTT. I successfully connected to Azure IoT Hub, but I have a problem with Amazon IoT Core.
As far as I can see, to connect to Azure IoT Hub I am using a username/password and a root_ac certificate.
Amazon provides a device certificate, two ac_certificates, and public and private keys. I converted the device certificate, one ac certificate and the private key to .der format using openssl from the msys2 shell. I uploaded them to hexed.it and copied them into the project as arrays of hex values. This is the part of the code showing how I'm using those certificates:

#define HOST_NAME  "xxxx-ats.iot.us-west-2.amazonaws.com"
#define SERVER_NAME "xxxx-ats.iot.us-west-2.amazonaws.com"
#define DEVICE_ID "nxpevkboard"
#define SERVER_PORT 8883
#define PUBLISH_TOPIC   "devices/%s/test/me"
#define SUBSCRIBE_TOPIC "devices/%s/notice/me"

/* The certificate/key arrays and the TLS buffers used below are defined elsewhere in the project. */
static UINT threadx_mqtt_tls_setup(NXD_MQTT_CLIENT *client_ptr,
                                   NX_SECURE_TLS_SESSION *tls_session,
                                   NX_SECURE_X509_CERT *certificate,
                                   NX_SECURE_X509_CERT *trusted_certificate)
{
    UINT status;
    UINT i;

    for (i = 0; i < sizeof(threadx_tls_remote_certificate) / sizeof(NX_SECURE_X509_CERT); i++)
    {
        /* Need to allocate space for the certificate coming in from the remote host. */
        status = nx_secure_tls_remote_certificate_allocate(tls_session, &threadx_tls_remote_certificate[i],
                                                           threadx_tls_remote_cert_buffer[i],
                                                           sizeof(threadx_tls_remote_cert_buffer[i]));
        if (status != NX_SUCCESS)
        {
            return (status);
        }
    }

    /* Add the device certificate and its private key as the local identity certificate. */
    status = nx_secure_x509_certificate_initialize(certificate, amazon_cert,
                                                   sizeof(amazon_cert), NX_NULL, 0, amazon_key, sizeof(amazon_key),
                                                   NX_SECURE_X509_KEY_TYPE_RSA_PKCS1_DER);
    if (status != NX_SUCCESS)
    {
        return (status);
    }
    status = nx_secure_tls_local_certificate_add(tls_session, certificate);
    if (status != NX_SUCCESS)
    {
        return (status);
    }

    /* Add a CA Certificate to our trusted store for verifying incoming server certificates. */
    status = nx_secure_x509_certificate_initialize(trusted_certificate, amazon_ca_cert,
                                                   sizeof(amazon_ca_cert), NX_NULL, 0, NX_NULL, 0,
                                                   NX_SECURE_X509_KEY_TYPE_NONE);
    if (status != NX_SUCCESS)
    {
        return (status);
    }
    status = nx_secure_tls_trusted_certificate_add(tls_session, trusted_certificate);
    if (status != NX_SUCCESS)
    {
        return (status);
    }

    /* Return the last status instead of an unconditional NX_SUCCESS so failures are not hidden. */
    status = nx_secure_tls_session_packet_buffer_set(tls_session, threadx_tls_packet_buffer, sizeof(threadx_tls_packet_buffer));

    return (status);
}
  

The API here doesn't return any errors, but later I have a connection problem.

Error in connecting to server: 0x10005

What am I doing wrong?

P.S. I tried the same thing with the mosquitto public broker, connected to the 8884 secure port.

Azure RTOS
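A check that can be run on a hex array made from a converted private key before it is passed with NX_SECURE_X509_KEY_TYPE_RSA_PKCS1_DER, which by its name expects the PKCS#1 RSAPrivateKey layout. This is an added example, not code from the post or from NetX Duo; the function names and the sample arrays are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

typedef enum { KEY_DER_INVALID, KEY_DER_PKCS1_RSA, KEY_DER_PKCS8, KEY_DER_SEC1_EC } key_der_format;

/* Constructed, structurally minimal samples (not real keys): outer SEQUENCE,
   version INTEGER, then the first field that distinguishes the three layouts. */
static const unsigned char sample_pkcs1[] = {0x30,0x06, 0x02,0x01,0x00, 0x02,0x01,0x05};
static const unsigned char sample_pkcs8[] = {0x30,0x07, 0x02,0x01,0x00, 0x30,0x00, 0x04,0x00};
static const unsigned char sample_sec1[]  = {0x30,0x06, 0x02,0x01,0x01, 0x04,0x01,0xAA};

/* Read a DER length at der[*pos]; advances *pos and returns 0 on success. */
static int der_read_len(const unsigned char *der, size_t size, size_t *pos, size_t *len)
{
    size_t n, v = 0;
    unsigned char b;

    if (*pos >= size) return -1;
    b = der[(*pos)++];
    if (b < 0x80) { *len = b; return 0; }           /* short form */
    n = b & 0x7F;                                    /* long form: n length bytes follow */
    if (n == 0 || n > sizeof(size_t) || n > size - *pos) return -1;
    while (n--) v = (v << 8) | der[(*pos)++];
    *len = v;
    return 0;
}

key_der_format classify_private_key_der(const unsigned char *der, size_t size)
{
    size_t pos = 0, len;

    /* The outer SEQUENCE must cover the array exactly; this also rejects PEM text
       and hex dumps that were truncated or padded while being pasted. */
    if (der == NULL || size < 2 || der[pos++] != 0x30) return KEY_DER_INVALID;
    if (der_read_len(der, size, &pos, &len) != 0 || len != size - pos) return KEY_DER_INVALID;
    /* version is a one-byte INTEGER in all three layouts */
    if (size - pos < 4 || der[pos] != 0x02 || der[pos + 1] != 0x01) return KEY_DER_INVALID;

    switch (der[pos + 3]) {                          /* tag of the field after version */
    case 0x02: return KEY_DER_PKCS1_RSA;             /* INTEGER modulus */
    case 0x30: return KEY_DER_PKCS8;                 /* AlgorithmIdentifier SEQUENCE */
    case 0x04: return der[pos + 2] == 1 ? KEY_DER_SEC1_EC : KEY_DER_INVALID; /* OCTET STRING */
    default:   return KEY_DER_INVALID;
    }
}

int main(void)
{
    printf("pkcs1=%d pkcs8=%d sec1=%d\n",
           classify_private_key_der(sample_pkcs1, sizeof sample_pkcs1),
           classify_private_key_der(sample_pkcs8, sizeof sample_pkcs8),
           classify_private_key_der(sample_sec1, sizeof sample_sec1));
    return 0;
}
```

A result other than KEY_DER_PKCS1_RSA means the array does not have the layout that key type names, so the key needs re-exporting in the matching format before it is embedded.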

2 answers

  1. QuantumCache 20,271 Reputation points
    2023-01-25T09:10:18.28+00:00

    Hello @Serhii Cherkasov,

    Just wanted to check whether you found any resolution to your query. Please share with us any solutions you have found.

    I hope you have already created a Thing or registered the device on Amazon IoT with a device certificate and policy. Did you try using the NetX Duo API to communicate with the Amazon IoT platform?

    https://docs.aws.amazon.com/iot/latest/developerguide/what-is-aws-iot.html

    https://wiki.st.com/stm32mcu/wiki/Introduction_to_NETXDUO

    Overview of Azure RTOS NetX Duo

    Please comment in the below section if you need further help in this regard!


  2. Gavin Hu 0 Reputation points
    2024-06-04T09:54:56.4033333+00:00

    I'm also experiencing the same problem. When I use the device private key, I get an error by referring to the author above! Is there a demo for using NetX Duo to connect to AWS?

