Hi I’m using a EC-21 (Revision: EC21EUXGAR08A02M1G) and I want to connect it to Azure IoT Hub using the MQTT protocol. I’ve found a forum thread where someone else wants to do something similar: BG95-M2 Problem with MQTT and TLS
A Quectel support (Stephen Li) seem to have achieved exactly what I want to do using the following AT-command sequence:
[2018-06-25_11:57:46:330]ati
[2018-06-25_11:57:46:330]Quectel
[2018-06-25_11:57:46:330]BG96
[2018-06-25_11:57:46:330]Revision: BG96MAR02A08M1G
[2018-06-25_11:57:46:330]OK
[2018-06-25_11:57:47:305]at+cgreg?;+creg?;+cereg?;+qnwinfo
[2018-06-25_11:57:47:305]+CGREG: 1,1
[2018-06-25_11:57:47:326]+CREG: 1,1
[2018-06-25_11:57:47:326]+CEREG: 2,4
[2018-06-25_11:57:47:326]+QNWINFO: “EDGE”,“46001”,“GSM 900”,120
[2018-06-25_11:57:47:326]OK
[2018-06-25_11:58:00:728]at+qflst=“UFS:*”
[2018-06-25_11:58:00:728]+QFLST: “cacert.pem”,1280
[2018-06-25_11:58:00:728]OK
[2018-06-25_11:58:12:032]AT+QSSLCFG=“cacert”,2,“UFS:cacert.pem”
[2018-06-25_11:58:12:032]OK
[2018-06-25_11:58:15:917]AT+QSSLCFG=“seclevel”,2,1
[2018-06-25_11:58:15:917]OK
[2018-06-25_11:58:16:796]AT+QSSLCFG=“sslversion”,2,4
[2018-06-25_11:58:16:812]OK
[2018-06-25_11:58:22:600]AT+QMTCFG=“ssl”,0,1,2
[2018-06-25_11:58:22:600]OK
[2018-06-25_11:58:25:766]at+qmtcfg=“version”,0,4
[2018-06-25_11:58:25:766]OK
[2018-06-25_11:58:34:704]AT+QMTOPEN=0,“mqtt-quectel.azure-devices.net”,8883
[2018-06-25_11:58:34:704]OK
[2018-06-25_11:58:40:820]+QMTOPEN: 0,0
[2018-06-25_11:58:43:938]AT+QMTCONN=0,“mydevice1”,“mqtt-quectel.azure-devices.net/mydevice1","SharedAccessSignature sr=mqtt-quectel.azure-devices.net%2Fdevices%2Fmydevice1&sig=83aqJBcsRIN9R2ZdzGxwjIGHZslTXUNZNeeq1qbmh9A%3D&se=1563244357”
[2018-06-25_11:58:43:938]OK
[2018-06-25_11:58:45:061]+QMTCONN: 0,0,0
[2018-06-25_11:58:46:032]AT+QMTPUB=0,1,1,0,“mydevice1/topic”
[2018-06-25_11:58:46:088]> 0123456789
[2018-06-25_11:58:47:221]OK
[2018-06-25_11:58:48:491]+QMTPUB: 0,1,0
[2018-06-25_11:58:52:088]AT+QMTCLOSE=0
[2018-06-25_11:58:52:088]OK
[2018-06-25_11:58:55:081]+QMTCLOSE: 0,0
But when I try something similar like this it just doesn’t work for some reason:
AT+QICSGP=1,1,“online.telia.se”
OK
AT+QIACT=1
OK
AT+CREG=1
OK
AT+CGREG=1
OK
AT+CEREG=1
OK
AT+CGATT=1
OK
at+cgreg?;+creg?;+cereg?;+cgdcont?;+qnwinfo
+CGREG: 1,1
+CREG: 1,1
+CEREG: 1,1
+CGDCONT: 1,“IP”,“online.telia.se”,“0.0.0.0”,0,0,0,0
+QNWINFO: “FDD LTE”,“24001”,“LTE BAND 3”,1300
OK
AT+QFUPL=“RAM:cacert.pem”,1280,10
CONNECT +QFUPL: 1280,4f54
OK
AT+QSSLCFG=“cacert”,1,“RAM:cacert.pem”
OK
AT+QSSLCFG=“seclevel”,1,2
OK
AT+QSSLCFG=“sslversion”,1,4
OK
AT+QMTCFG=“ssl”,0,1,2
OK
AT+QMTCFG=“version”,0,4
OK
AT+QMTOPEN=0,“olsbergs-iot-test.azure-devices.net”,8883
OK
+QMTOPEN: 0,-1
I know that I don’t have the same module as in the example, but that shouldn’t change the way to set up the SSL connection? The only thing that I can’t verify is done the same way as in the example is the uploading of the certificate. I have arranged mine in this way:
const char baltimore2[] =
/* Baltimore CyberTrust Root --Used Globally–*/
// This cert should be used when connecting to Azure IoT on the Azure Cloud available globally. When in doubt, use this cert.
“-----BEGIN CERTIFICATE-----\r\n” “MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ\r\n” “RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD\r\n” “VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX\r\n” “DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y\r\n” “ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy\r\n”
“VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr\r\n”
“mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr\r\n”
“IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK\r\n”
“mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu\r\n”
“XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy\r\n”
“dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye\r\n” “jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1\r\n” “BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3\r\n” “DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92\r\n”
“9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx\r\n”
“jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0\r\n”
“Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz\r\n”
“ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS\r\n”
“R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp\r\n”
“-----END CERTIFICATE-----”;
And then I end I from over UART. I can verify, using QFOPEN and QFREAD that the certificate looks the same in the modules RAM, but it might be faulty from the beginning. Should I use \r\n after every line or not? Is there something else that I’ve forgotten about? Have the SSL- or MQTT-procedures changed since the forum post was written last year?