Connect module to Azure IoT Hub

hi, bilal_farooq:
I am very sorry that I cannot use it in China. If you still cannot solve your problem, I suggest that you describe the problem in detail and upload the related log, and then send an email to support@quectel.com.We will have relevant R&D to handle the exception and help for you.

ok thanks i will write an email.

Hello bilal_farooq, I’m not using the .pem file, but when I tested your program with this change:

AT+QMTCFG=“pdpcid”,1,2 → AT+QMTCFG=“pdpcid”,1,1

it works for me.

Hi Bilal,

Were you able to connect to an IoT Hub using DPS? I am wondering if you could share your AT log? I’m not sure where to put the IDscope of the DPS.

(post deleted by author)

Hi all,

I’m encountering an same issue while attempting to connect my BG95-M3 module to Azure IoT Hub using MQTT with SSL. While I can successfully establish a connection using the SAS token method, the connection fails when attempting to connect with certificates.

I’ve followed the example of mqtt with ssl [BG95&BG77&BG600L Series

MQTT Application Note ] guide, but I’m unable to open the TCP context linked to my SSL_Context. The AT+QMTOPEN command consistently returns +QMTOPEN: 0,-1.

I’ve verified that my certificates and keys are functioning correctly by successfully connecting to Azure IoT Hub from my computer using MQTTx, MQTTBox . Furthermore, I’ve confirmed that the certificate files stored within the BG95-M3 are also valid using its character length and following command.

AT+QFLST=“*”

+QFLST: “cacert.pem”,1233

+QFLST: “client.pem”,1237

+QFLST: “quecthingconfig_BAK.ini”,200

+QFLST: “security/”,2

+QFLST: “user_key.pem”,1704

I use Putty to load the self signed certificates on modem.

Here’s a snippet of my log:

RDY

+CFUN: 1

+CPIN: READY

+QUSIM: 1

+QIND: SMS DONE

APP RDY

AT+CREG=1;+CGREG=1;+CEREG=1

AT+CREG=1;+CGREG=1;+CEREG=1

OK

AT+COPS?

AT+COPS?

+COPS: 0,0,"AIRTEL",0

OK

AT+CGDCONT=1,"IP","airtelgprs.com"

AT+CGDCONT=1,"IP","airtelgprs.com"

OK

AT+QIACT=1

AT+QIACT=1

OK

AT+CGATT=1

AT+CGATT=1

OK

AT+CGPADDR

AT+CGPADDR

+CGPADDR: 1,100.126.62.164

OK

AT+CGREG?

AT+CGREG?

+CGREG: 1,1

OK

AT+QPING=1,"8.8.8.8"

AT+QPING=1,"8.8.8.8"

OK

+QPING: 0,"8.8.8.8",32,1437,255

+QPING: 0,"8.8.8.8",32,778,255

+QPING: 0,"8.8.8.8",32,515,255

+QPING: 0,"8.8.8.8",32,538,255

+QPING: 0,4,4,0,515,1437,817

AT+QIACT?

AT+QIACT?

+QIACT: 1,1,1,"100.126.62.164"

OK

AT+QFLST="*"

AT+QFLST="*"

+QFLST: "cacert.pem",1233

+QFLST: "client.pem",1237

+QFLST: "quecthingconfig_BAK.ini",200

+QFLST: "security/",2

+QFLST: "user_key.pem",1704

OK

AT+QSSLCFG="cacert",2,"UFS:cacert.pem"

AT+QSSLCFG="cacert",2,"UFS:cacert.pem"

OK

AT+QSSLCFG="clientcert",2,"UFS:client.pem"

AT+QSSLCFG="clientcert",2,"UFS:client.pem"

OK

AT+QSSLCFG="clientkey",2,"UFS:user_key.pem"

AT+QSSLCFG="clientkey",2,"UFS:user_key.pem"

OK

AT+QSSLCFG="seclevel",2,2

AT+QSSLCFG="seclevel",2,2

OK

AT+QMTCFG="ssl",0,1,2

AT+QMTCFG="ssl",0,1,2

OK

at+qmtcfg="version",0,4

at+qmtcfg="version",0,4

OK

AT+QSSLCFG="sslversion",2,3

AT+QSSLCFG="sslversion",2,3

OK

AT+QSSLCFG="ciphersuite",2,0XFFFF

AT+QSSLCFG="ciphersuite",2,0XFFFF

OK

AT+QSSLCFG="ignorelocaltime",2,1

AT+QSSLCFG="ignorelocaltime",2,1

OK

AT+QMTOPEN=0,"XT-IOT-HUB.azure-devices.net",8883

AT+QMTOPEN=0,"XT-IOT-HUB.azure-devices.net",8883

OK

+QMTOPEN: 0,-1

AT+QMTCONN=0,"xt-ts-004","XT-IOT-HUB.azure-devices.net/xt-ts-004/?api-version=2021-04-12"

AT+QMTCONN=0,"xt-ts-004","XT-IOT-HUB.azure-devices.net/xt-ts-004/?api-version=2021-04-12"

ERROR

I would appreciate any guidance or troubleshooting tips on resolving this connection issue.

add a configuration

AT+QSSLCFG=“sni”,2,1

Hi herbert,

Thank you for the reply, I will try this out.
Can you provide the source or documentation where you encountered the AT command AT+QSSLCFG=“sni”,2,1? I am interested in understanding its purpose and typical usage scenarios within Quectel cellular modules.

Hello,

I try AT+QSSLCFG=“sni”,2,1 this with device it is now working,
please check the following loges.

AT+QSSLCFG=“clientkey”,2,“UFS:user_key.pem”
AT+QSSLCFG=“clientkey”,2,“UFS:user_key.pem”

OK
AT+QSSLCFG=“sni”,2,1
AT+QSSLCFG=“sni”,2,1

OK
AT+QMTCFG=“ssl”,0,1,2
AT+QMTCFG=“ssl”,0,1,2

OK
at+qmtcfg=“version”,0,4
at+qmtcfg=“version”,0,4

OK
AT+QSSLCFG=“sslversion”,2,3
AT+QSSLCFG=“sslversion”,2,3

OK
AT+QSSLCFG=“ciphersuite”,2,0XFFFF
AT+QSSLCFG=“ciphersuite”,2,0XFFFF

OK
AT+QSSLCFG=“ignorelocaltime”,2,1
AT+QSSLCFG=“ignorelocaltime”,2,1

OK
AT+QMTOPEN=0,“pradeep .azure-devices.net”,8883
AT+QMTOPEN=0,“pradeep .azure-devices.net”,8883

OK

+QMTOPEN: 0,0
AT+QMTCONN=0,“myiotdevice1”,“pradeep .azure-devices.net/myiotdevice1/?api-version=2021-04-12”
AT+QMTCONN=0,“myiotdevice1”,“pradeep .azure-devices.net/myiotdevice1/?api-version=2021-04-12”

OK

+QMTSTAT: 0,1

QMTOPEN is successful,QMTCONN is fail,In most cases, the certificate may be entered incorrectly

Okay, Are there any definitive methods to verify the integrity and authenticity of the certificates stored on the modem? I have used the following commands to inspect the loaded certificates, which semes correct according to size in bytes.
Even the same certificates will work with MQTTx & MQTTBox.

AT+QFOPEN="cacert.pem"
AT+QFOPEN="cacert.pem"

+QFOPEN: 1

OK
AT+qfread=1,1233
AT+qfread=1,1233

CONNECT 1233
-----BEGIN CERTIFICATE-----
MIIDYTCCAkkCFET9qMma85lEnD5Gqiw8wUHkoHk/MA0GCSqGSIb3DQEBBQUAMG0x
CzAJBgNVBAYTAkNOMRMwEQYDVQQIDApteXByb3ZpbmNlMQ8wDQYDVQQHDAZteWNp
dHkxFzAVBgNVBAoMDm15b3JnYW5pemF0aW9uMRAwDgYDVQQLDAdteWdyb3VwMQ0w
CwYDVQQDDARteUNBMB4XDTI0MTIxNzIxMTgwNVoXDTI1MTIxNzIxMTgwNVowbTEL
MAkGA1UEBhMCQ04xEzARBgNVBAgMCm15cHJvdmluY2UxDzANBgNVBAcMBm15Y2l0
eTEXMBUGA1UECgwObXlvcmdhbml6YXRpb24xEDAOBgNVBAsMB215Z3JvdXAxDTAL
BgNVBAMMBG15Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAIxLX
nhrRUKed5+BaNNwtt99asjC0ZhfOlc0PbqldPujM0r7/2cV62vRVi7WpXOI9S6ij
U5vFgIalHhHj1tLigAbe7Qpp3QL7+G+AFNPq/eqKXNOyZ41JINTDkx3QPV6rIJSe
lqXf53YWTgqctr8SwY3Qx9dCPXrhsQvRDQCBHQuObIOKutURBNxkmFsYCFBQMdCe
4TJRqVxTzw9iRziNaLNXgpJ3RLNehBZBslrVt865g8J5pqVJ34Frvjq+CLP/FkrI
1f5NcIimIo2CBq4D+aX/gkG1k+AAl9FMX2dzEZw89QHLfdIIzqn2dRWZ6TF9QeVQ
Jv9Q20W2QKuKkhOrAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAGE/Os6F9WJhIqQG
p5T1hzRPo2yj38ILwz4WgGQ6ChfDfmqNCUYePLdlN9o6zXIPAI57lfTTOJdmaSrq
7uvkZQxeFgHg9MurJTx4l9do43BT8G7bEEGdsFaAoue8PNRJRc7mcp9j5prqgOBx
IV1dh4vbUw997bFuB1sPXt5HPA/7CZOwSoViSit0teJC66kvlEVRar9kg/ovXYEe
pm7B4vIl+jMQDfcAfVk+xRUkw/DWRNtlnmmE6EaKciy0wBqjYBtLORtk2XPI8Tbb
UobhjpjA4smyeBeePKcu+ZC8+UMYMDKgzQks27x4aWieFFeatIWM1ulbUlILxucD
YrN9jbs=
-----END CERTIFICATE-----

OK
At+qfclose=1
At+qfclose=1

OK
AT+QFOPEN="client.pem"
AT+QFOPEN="client.pem"

+QFOPEN: 1

OK
AT+qfread=1,1237
AT+qfread=1,1237

CONNECT 1237
-----BEGIN CERTIFICATE-----
MIIDZTCCAk0CFE2Dd50xAfo9iudzOLXveQeeOlcgMA0GCSqGSIb3DQEBBQUAMG0x
CzAJBgNVBAYTAkNOMRMwEQYDVQQIDApteXByb3ZpbmNlMQ8wDQYDVQQHDAZteWNp
dHkxFzAVBgNVBAoMDm15b3JnYW5pemF0aW9uMRAwDgYDVQQLDAdteWdyb3VwMQ0w
CwYDVQQDDARteUNBMB4XDTI0MTIxNzIxMzg1N1oXDTI1MTIxNzIxMzg1N1owcTEL
MAkGA1UEBhMCQ04xEzARBgNVBAgMCm15cHJvdmluY2UxDzANBgNVBAcMBm15Y2l0
eTEXMBUGA1UECgwObXlvcmdhbml6YXRpb24xEDAOBgNVBAsMB215Z3JvdXAxETAP
BgNVBAMMCG15Q2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
5MuhA6MYY3/w/P2okFJV3hlfflnleU2O8Sy5hktfudV07QoAWNaIIM7tvMqjBF3m
/eqfFDVc09y6nWv29gdtL8I2odpDTV3dPCl7peSTvErgPjgPGENTgXI+3jKt1xkI
SWk7aWhEQaojq1fs4/zL5SeIXIehJrbX9UKUx8zqBGLyr6cBFvXjCtIN/HC/UMiP
XzIGAJhY4qCkh4OaivI84LzJwdPFjlAadxTlWuhZgXmmqsT+/OUgVtn+n/h3PUkj
EsjW/xYZD+dssIPWvOQyHkWe+W4qWxKU81eDbJ2bTONq/xklR0A+w+pf997l/n8T
/IcldCxZ4f7laF3HahAEbwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQByO7pXzRen
q8Ymw5QWfvB6XYtHqYSCAOfnXUQq0wDz4l5IylwIDS4LqTRQQBXxm5qsExW7S3Ph
Y+/dMzoHSHFKMRSJCrFzRyF4MOcavQpaT4PYG6bPQICIuCEA1FWwz7t+CELoFt63
qtNmT/5l23jxxUbYwBsFUAWlLZxf/+3XgdNpOfRUpdp4QQHONlgFHLomteOtjnOn
m/DO3WhjD+FYQQXctuosRBZ9Y9DTTcMs5yEc+LHAr6PieEwM4x7ZuTI6BONPZY+P
dGHumEJ3rl+prZDI0e06jF6Ok/sFwh6ME46IQB0iPSwb2ZVE3C1CxAMeBsOKD7/I
4wNgm1l7UyrO
-----END CERTIFICATE-----

OK
At+qfclose=1
At+qfclose=1

OK
AT+QFOPEN="user_key.pem"
AT+QFOPEN="user_key.pem"

+QFOPEN: 1

OK
AT+qfread=1,1704
AT+qfread=1,1704

CONNECT 1704
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDAIxLXnhrRUKed
5+BaNNwtt99asjC0ZhfOlc0PbqldPujM0r7/2cV62vRVi7WpXOI9S6ijU5vFgIal
HhHj1tLigAbe7Qpp3QL7+G+AFNPq/eqKXNOyZ41JINTDkx3QPV6rIJSelqXf53YW
Tgqctr8SwY3Qx9dCPXrhsQvRDQCBHQuObIOKutURBNxkmFsYCFBQMdCe4TJRqVxT
zw9iRziNaLNXgpJ3RLNehBZBslrVt865g8J5pqVJ34Frvjq+CLP/FkrI1f5NcIim
Io2CBq4D+aX/gkG1k+AAl9FMX2dzEZw89QHLfdIIzqn2dRWZ6TF9QeVQJv9Q20W2
QKuKkhOrAgMBAAECggEAHi2kHlUeqzUljqocAASAzMwuUHrf0YXzmVFyyvNmYKyq
jiP6jLRyIyYpmGzVlLYacZGPpE+pONqYy23aANT+J0X/+PB3C+0DNKZvL56V2+QT
/GAw1BBrDaBoKsEnE/fVBcCb91N8LEXuXfnWCuAH9PSNHMzhZO3D05fRCP3SJXUv
o+xOVHJtH6z0jSEgoMFYbnDO28ljzg8ZFr5THSWN2FtX2dAHyLJ5r7aCCQbxxr41
GyAi8HtFchjQaNtHwHv9Ao2bOABWCjc5TxAmGmSodb6S8/hx048IRtatU6lvrebZ
hR1ZzQ6F0dCfY+CiInFzWIQ1O9Jf6szAiTuaq55U4QKBgQDrjkbDIHC1Hz+0g2bA
+483lqlOD9hpzzs1W1QYrdapgqcYUAw/163xwQTQkQQJaOGlZPUSeQOWHKuuSYQp
+M+YbMARYBC0eJM9uVvC7PlOG2zpZssyBuHnlwOvKAoj9fG00zznGoqdYVAdJJlx
KOCYaolFnTBQewXmlDywtYD5ewKBgQDQ0BeizTPHEwTXYfwyQAmNL7dZRMJQEjZm
KPuCnj1E+V4hS+xMQVfPWM1k42YidmDt+6aNb1OaPzF9sJJnbBJhsurVnfg6jlxU
l5HqD+GTFIS6WEBWqyrOzwXsriiH/OzJS/QRLk04aNQQPlSf6dG7gHlLmPFvA/EX
ylzzBIa/kQKBgG5TQfNMM12xmB3M2YiTif2INB3asArGw7123Al/CiZ0ihyKCWKx
esfbFo01DoX1uJHFmj8frL1XClXkGuGpplmGveKlcs2EF7p2IXNHmHCrybP7sDnr
HU1h3pjgEPfMzntZ4JGBTeDuXh54MOHeOmtIoqiXObTIGfhn/5DoQdMXAoGAfyxd
WM+1GydgKXUJzejmaFCJUBrqZS3SZ8HJ/DE3i4x8YbcFwSOCwUuKPEmqaI7EVeyP
8U++EREvqSci404Um+AF2fgNuEv/u51cRrtJXPSAKaWZ+a7hsXawWwdus/O8mpRh
nx0d9p8RmJr9my8ihxmlxf7t+/jgmuaqWW+GSaECgYEAgixexqZIo4BEBj6Odm2z
EvKe+Se8kqcXhxij58Dyo0rzuAxuvm4kd2t4yfp6V3zW6yjf6yZa6PIhGbEOtupO
lXaDoIfBab4eZBqV6rNuRA7YCidpieEyK/nPQCJkJgVCFpwOV1G9i5VncsnSGvdQ
r3FG4oZhpcjYJOsaClt3KTk=
-----END PRIVATE KEY-----

OK
At+qfclose=1
At+qfclose=1


Have you tried validation of MQTT.fx tool?

Yes, I have tested the certificates with the Mqtt.fx. The device get connected.
Please check the following screenshot.

This same device I tried with the Modem it wont connects. having same error of 0,3 for “AT+QMTCONN” command.

Could you please send this AT log to just me? I need to verify it

Which AT loges you want? I have generated loges with Qwin32 and normal with Qcom.

Yes, QCOM logs, or debug logs of other COM tools

LOG_for_AWS_AZURE.zip (10.5 MB)
Hi ,

I have uploaded .zip of Qwinlog file & Qcom logs for azure and aws device.

Please check,
Thank you

LOG_for_AWS_AZURE_wireshark.zip (15.2 KB)


RST from MQTT Server