SE050 AWS TLS Connection

tomoyanawatedani · ‎11-28-2021

Help me.

this URL
https://community.nxp.com/t5/Secure-Authentication-Knowledge/Connecting-with-Edgelock-SE050-and-Rasp...
「Run the demo with specifying your endpoint URL and certificate + key files:」

When I executed, I got the following error
```log
[INFO ][INIT][2021-11-26 13:55:26] SDK successfully initialized.
[INFO ][NET][2021-11-26 13:55:26] Network library initialized.
[INFO ][MQTT][2021-11-26 13:55:26] MQTT library successfully initialized.
[INFO ][DEMO][2021-11-26 13:55:26] MQTT demo client identifier is my_armadillo002 (length 15).
[INFO ][NET][2021-11-26 13:55:26] TCP connection successful.
[INFO ][NET][2021-11-26 13:55:26] Setting up TLS.
[INFO ][NET][2021-11-26 13:55:26] Successfully imported root CA.
[INFO ][NET][2021-11-26 13:55:26] Successfully imported client certificate.
[INFO ][NET][2021-11-26 13:55:26] Successfully imported client certificate private key.
[ERROR][NET][2021-11-26 13:55:27] TLS handshake failed.
[ERROR][MQTT][2021-11-26 13:55:27] Failed to create network connection: 4
[ERROR][MQTT][2021-11-26 13:55:27] Failed to establish new MQTT connection, error NETWORK ERROR.
[ERROR][DEMO][2021-11-26 13:55:27] MQTT CONNECT returned error NETWORK ERROR.
[INFO ][MQTT][2021-11-26 13:55:27] MQTT library cleanup done.
[INFO ][NET][2021-11-26 13:55:27] Network library cleanup done.
[INFO ][INIT][2021-11-26 13:55:27] SDK cleanup done.
[ERROR][DEMO][2021-11-26 13:55:27] Error occurred while running demo.
```

Kan_Li · ‎11-29-2021

Hi @tomoyanawatedani ,

Did you following all the steps before running the demo with specifying your endpoint URL and certificate + key files? Please kindly let me know if you missed or modified something.

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

tomoyanawatedani · ‎11-29-2021

@Kan_Li

Thank you. Kan

I followed all the steps as documented.

Please Help me.

Kan_Li · ‎12-12-2021

Hi @tomoyanawatedani ,

Which type of of X.509 client certificates did you use in your test ?

With pre-provisioned credentials of a generic EdgeLock SE050, you should use X.509 certificates signed by a CA that is not registered with AWS IoT. Client certificates must be registered with AWS IoT before a client can communicate with AWS IoT. This option is known as “AWS IoT Core Multi-Account Registration” and generally available since 30th April 2020 and supported by the AWS CLI interface.

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

tomoyanawatedani · ‎12-12-2021

@Kan_Li

I understand the cause.
I didn't perform the following steps added in Release v04.00.00.

$ make install
$ ldconfig /usr/local/lib

Thank you for your cooperation.

Kan_Li · ‎12-12-2021

Hi @tomoyanawatedani ,

Thanks for the update!

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------