aws / aws-iot-device-sdk-embedded-C

SDK for connecting to AWS IoT from a device using embedded C.
MIT License

SSL_connect failed to perform TLS handshake #1716

Closed vinodrr closed 3 years ago

vinodrr commented 3 years ago

We are following the below-mentioned steps to validate and test the 'mqtt_demo_mutual_auth' MQTT demo application on the AWS IoT Core platform.

https://docs.aws.amazon.com/iot/latest/developerguide/iot-embedded-c-sdk.html

We have also created the 'Thing' on the AWS IoT Core platform console, downloaded all the required certificate files and placed them in the following path.

/build/bin/certificates.

After making the changes in the .config file, we compiled the demo application and executed the following command to run it.

./mqtt_demo_mutual_auth

Unfortunately, we are not able to establish the connection with the AWS cloud platform and the application is ending with the following error.

[INFO] [DEMO] [mqtt_demo_mutual_auth.c:645] Establishing a TLS session to ayuk546z2b7sm-ats.iot.us-west-2.amazonaws.com:8883.
[ERROR] [Transport_OpenSSL_Sockets] [openssl_posix.c:272] SSL_connect failed to perform TLS handshake.
[ERROR] [Transport_OpenSSL_Sockets] [openssl_posix.c:666] Failed to establish a TLS connection.
[WARN] [DEMO] [mqtt_demo_mutual_auth.c:683] Connection to the broker failed. Retrying connection after 88 ms backoff.
[INFO] [DEMO] [mqtt_demo_mutual_auth.c:645] Establishing a TLS session to ayuk546z2b7sm-ats.iot.us-west-2.amazonaws.com:8883.

The version of the SDK we are using is "202108.00". We are not sure whether the cloud configuration is not done properly or the issue is with the AWS SDK demo application. Can anyone provide their feedback on the above issue?

Thank you in advance.

mingyue86010 commented 3 years ago

Hi @vinodrr,

Have you tried to enable the Debug level print? It would be helpful to look into your problem. It's hard to say why it failed the TLS handshake with the current information... Have you checked if your device certificate matches the "Thing" you created in the cloud and done the configuration correctly?

Regards, Ming

vinodrr commented 3 years ago

Hi @mingyue86010,

As we have mentioned earlier, we did the certification and configuration correctly. We created the thing in the cloud and attached the certificate to it. We are using the same certificates in the application. We also tried enabling the debug level print, but we can't resolve the issue.

Thanks and Regards, Vinod

mingyue86010 commented 3 years ago

Hi @vinodrr ,

There is one thing I can think of that you can check. Are you using a relative path or an absolute path for your certificate locations? They should use absolute paths. Can you check on this?

Thanks, Ming
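The path and certificate checks suggested in this thread can be run before the TLS handshake is attempted. The following is an added example, not part of the original thread or the SDK: `check_credential` and `cred_status` are hypothetical names, and the private-key permission check is an extra hardening step the thread does not mention.

```c
#define _POSIX_C_SOURCE 200809L
/* Added example: pre-flight check for PEM credential files (POSIX). */
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

typedef enum { CRED_OK, CRED_NOT_ABSOLUTE, CRED_UNREADABLE,
               CRED_WRONG_PEM_TYPE, CRED_KEY_EXPOSED } cred_status;

/* kind is "CERTIFICATE" or "PRIVATE KEY". It is matched as the suffix of the
 * first PEM label, so "RSA PRIVATE KEY" and "EC PRIVATE KEY" count as keys. */
cred_status check_credential(const char *path, const char *kind)
{
    struct stat st;
    char line[128];
    size_t klen = strlen(kind);
    cred_status rc = CRED_WRONG_PEM_TYPE;
    FILE *f;

    if (path == NULL || path[0] != '/')
        return CRED_NOT_ABSOLUTE;          /* depends on the working directory */
    if (stat(path, &st) != 0 || !S_ISREG(st.st_mode) ||
        (f = fopen(path, "r")) == NULL)
        return CRED_UNREADABLE;

    while (fgets(line, sizeof line, f) != NULL) {
        char *label = line + 11, *end;
        if (strncmp(line, "-----BEGIN ", 11) != 0)
            continue;                      /* skip text before the PEM block */
        end = strstr(label, "-----");
        if (end != NULL && (size_t)(end - label) >= klen &&
            strncmp(end - klen, kind, klen) == 0)
            rc = CRED_OK;
        break;                             /* only the first block decides */
    }
    fclose(f);

    /* A private key that group or others can access is a finding of its own. */
    if (rc == CRED_OK && strcmp(kind, "PRIVATE KEY") == 0 &&
        (st.st_mode & (S_IRWXG | S_IRWXO)) != 0)
        rc = CRED_KEY_EXPOSED;
    return rc;
}

int main(int argc, char **argv)
{   /* usage: ./precheck <client-cert.pem> <private-key.pem> */
    if (argc != 3)
        return 2;
    printf("cert: %d\n", (int)check_credential(argv[1], "CERTIFICATE"));
    printf("key: %d\n", (int)check_credential(argv[2], "PRIVATE KEY"));
    return 0;
}
```

A result of `CRED_WRONG_PEM_TYPE` usually means the certificate and key paths were swapped in the demo configuration.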

vadimceb commented 3 years ago

Hello! I have the same problem but with fleet_provisioning_with_csr_demo; the mqtt demos work just fine. I have double-checked the policy and certificates, generated from the AWS console, and I am using an absolute path.

SDK version: 202108.00

logs:

[INFO] [PKCS11] [core_pkcs11_mbedtls.c:1403] PKCS #11 successfully initialized.
[INFO] [PKCS11] [core_pkcs11_mbedtls.c:2823] Creating a 0x3 type object.
[INFO] [PKCS11] [core_pkcs11_pal.c:63] Could not open corePKCS11_Claim_Certificate.dat for reading.
[INFO] [FLEET_PROVISIONING_DEMO] [pkcs11_operations.c:770] Writing certificate into label "Claim Cert".
[INFO] [PKCS11] [core_pkcs11_mbedtls.c:2823] Creating a 0x1 type object.
[INFO] [FLEET_PROVISIONING_DEMO] [fleet_provisioning_with_csr_demo.c:517] Establishing MQTT session with claim certificate...
[DEBUG] [FLEET_PROVISIONING_DEMO] [mqtt_operations.c:399] Establishing a TLS session to <_AWS_IOT_ENDPOINT_>:8883.
[ERROR] [Transport_MbedTLS_PKCS11] [mbedtls_pkcs11_posix.c:826] Failed to perform TLS handshake: mbedTLSError= SSL - The operation timed out : .

In debug, the mbedtlsError returned is -26624.

gshvang commented 3 years ago

Hi @vadimceb

Sorry for the delayed response. Can you please check if you have configured the claim credentials in demo_config.h? For the fleet_provisioning_with_csr_demo you also need to configure claim credentials, with the proper policy, and create the fleet provisioning template on the cloud. You can refer to the comments in demo_config.h: https://github.com/aws/aws-iot-device-sdk-embedded-C/blob/main/demos/fleet_provisioning/fleet_provisioning_with_csr/demo_config.h#L93.

vadimceb commented 3 years ago

Hi @gshvang,

Yep, certificates and policy were in place. I've increased the size of these definitions inside the config file:

#define NETWORK_BUFFER_SIZE 
#define TRANSPORT_SEND_RECV_TIMEOUT_MS

and now the demo works perfectly. Thank you!

gshvang commented 3 years ago

Hi @vadimceb

I am glad to hear that it worked. Please reach out to us if you have any further questions.