Hello,
I am facing a persistent issue when connecting my Quectel EG21-G module to AWS IoT Core using MQTT over SSL/TLS. I have verified that my AWS configuration, certificates, and policies are fully correct, because the same certificates work perfectly on Node-RED and MQTT Explorer.
However, when using the EG21-G, the module behaves inconsistently depending on how SSL is configured.
Problem Description (Technical Details)
1. MQTT broker opens successfully only when SSL is NOT configured using QMTCFG
If I reset the module and simply do:
AT+QMTOPEN=0,"a2l9aypytopjpa-ats.iot.ap-south-1.amazonaws.com",8883
I get:
OK
+QMTOPEN: 0,0
But when I attempt to connect:
AT+QMTCONN=0,"clientID"
I get:
+QMTCONN: 0,1
+QMTSTAT: 0,3 (Connection failed)
This means the port opens, but the SSL handshake fails afterward.
2. MQTT broker FAILS TO OPEN when SSL is configured using QMTCFG
If I configure SSL using:
AT+QMTCFG="ssl",0,1,2
OR
AT+QMTCFG="ssl",0,2
THEN execute:
AT+QMTOPEN=0,"a2l9aypytopjpa-ats.iot.ap-south-1.amazonaws.com",8883
I always get:
OK
+QMTOPEN: 0,-1
So the module cannot even open the MQTT socket once SSL parameters are linked to MQTT using QMTCFG.
3. Certificates are correctly uploaded and detected
AT+QFLST
"rootca.pem",1189
"client.pem",1222
"private.pem",1677
I am using:
QSSLCFG index = 0
QMTCFG index = 0
4. SSL configuration that succeeds (only for QMTOPEN)
If I configure SSL but DO NOT link it with QMTCFG, like:
AT+QSSLCFG="sslversion",0,4
AT+QSSLCFG="seclevel",0,2
AT+QSSLCFG="cacert",0,"rootca.pem"
AT+QSSLCFG="clientcert",0,"client.pem"
AT+QSSLCFG="clientkey",0,"private.pem"
and then:
AT+QMTCFG="ssl",0,0
Then:
AT+QMTOPEN = successful
AT+QMTCONN = always fails (QMTSTAT 3)
5. Summary of the Issue
Certificates are correct
(Verified with Node-RED and MQTT Explorer)
Problem occurs ONLY when SSL index is linked to MQTT using AT+QMTCFG