Connecting EC200 to AWS mqtt broker

I’m trying to connect my module to AWS iot core but I always get +QMTOPEN: 0,4 after AT+QMTOPEN=0,"a2wfoe9ldvva0z-ats.iot.sa-east-1.amazonaws.com",8884.

I uploaded the client certificate and key that aws gave me when I created a thing, and I am using the CA1 root certificate. Are those ok?
This is my script:

CMD=AT+QICSGP=1,1,"wap.gprs.unifon.com.ar","","",0
CMD=AT+QMTCFG="recv/mode",0,0,1
CMD=AT+QMTCFG="SSL",0,1,2
CMD=AT+QSSLCFG="cacert",2,"UFS:cacert.pem"
CMD=AT+QSSLCFG="clientcert",2,"UFS:client.pem"
CMD=AT+QSSLCFG="clientkey",2,"UFS:user_key.pem"
CMD=AT+QSSLCFG="seclevel",2,2
CMD=AT+QSSLCFG="sslversion",2,4
AT+QSSLCFG="sni",2,1
CMD=AT+QSSLCFG="ciphersuite",2,"0xFFFF"
CMD=AT+QSSLCFG="ignorelocaltime",2,1
CMD=AT+QMTOPEN=0,"a2wfoe9ldvva0z-ats.iot.sa-east-1.amazonaws.com",8884

Am I doing something wrong? Did I miss something?

Hi @Juan_Flores
You need to upload the certificate to the module via AT+QFUPL command first, and then configure the certificate via AT+QSSLCFG command.

1 Like

Are these certificates and key one time programmable?Also this SSL configurations,do we need do it everytime if power on/off done?

Hii i had generated the certificate how can i upload to the module where should i keep the path
[2024-12-28 15:39:10:478_R:] +QPING: 0,4,4,0,291,547,374
[2024-12-28 15:39:56:780_S:] AT+QFLST=“UFS:"
[2024-12-28 15:39:56:780_R:] AT+QFLST="UFS:

[2024-12-28 15:39:56:790_R:] +QFLST: “UFS:boot”,15004
[2024-12-28 15:39:56:800_R:] +QFLST: “UFS:firm”,286000
[2024-12-28 15:39:56:800_R:] +QFLST: “UFS:gnss_data”,4644
[2024-12-28 15:39:56:800_R:] +QFLST: “UFS:gnss_loca”,47
[2024-12-28 15:39:56:800_R:] +QFLST: “UFS:gnss_time”,21
[2024-12-28 15:39:56:800_R:] +QFLST: “UFS:agps_1_0.txt”,5288

[2024-12-28 15:39:56:800_R:] OK
[2024-12-28 15:40:51:143_S:] AT+QFUPL=“UFS:AmazonRootCA1.pem”,1187,10
[2024-12-28 15:40:51:143_R:] AT+QFUPL=“UFS:AmazonRootCA1.pem”,1187,10

[2024-12-28 15:40:51:153_R:] CONNECT
[2024-12-28 15:41:01:151_R:] +QFUPL: 0,0000

[2024-12-28 15:41:01:161_R:] +CME ERROR: 421
iam getting this type of response