M95R MQTT with SSL

at18 · February 15, 2023, 6:26pm

Hi,

I am trying to use MQTT with SSL with a M95R module (FW version M95RMAR01A02) and connect to Azure IoT Hub.
After a few days of troubleshooting, I was not able to figure out what is the issue.
If I use the same certificates with a third party MQTT client, everything works fine and I am able to successfully connect to the Azure IoT hub.

If I use MQTT without SSL with the M95R and try to connect to test.mosquitto.org (1883) all works fine, M95R connects successfully. It appears my issue is related to SSL.
Please find below the entire communication log with my M95R module (note : I am sending the data via UART from an MCU).
Any ideas/guidance would be much appreciated…

[SEND][   3][AT\r]
[RECV][   8][AT\r\nOK\r\n]
[SEND][   3][AT\r]
[RECV][  21][AT\r\nSMS Ready\r\n\r\nOK\r\n]
[SEND][   3][AT\r]
[RECV][   8][AT\r\nOK\r\n]
[SEND][   5][ATE0\r]
[RECV][  10][ATE0\r\nOK\r\n]
[SEND][   3][AT\r]
[RECV][   6][\r\nOK\r\n]
[SEND][  10][AT+CMEE=1\r]
[RECV][   6][\r\nOK\r\n]
[SEND][  11][AT+QISDE=0\r]
[RECV][   6][\r\nOK\r\n]
[SEND][  22][AT+QMTCFG="ssl",0,1,2\r]
[RECV][   6][\r\nOK\r\n]
[SEND][   9][AT+CPIN?\r]
[RECV][  22][\r\n+CPIN: READY\r\n\r\nOK\r\n]
[SEND][   8][AT+CFUN=]
[SEND][   1][1]
[SEND][   1][\r]
[RECV][   6][\r\nOK\r\n]
[SEND][   9][AT+CFUN?\r]
[RECV][  18][\r\n+CFUN: 1\r\n\r\nOK\r\n]
[SEND][   9][AT+CREG?\r]
[RECV][  20][\r\n+CREG: 0,0\r\n\r\nOK\r\n]
[SEND][   9][AT+CREG?\r]
[RECV][  20][\r\n+CREG: 0,0\r\n\r\nOK\r\n]
[SEND][   9][AT+CREG?\r]
[RECV][  20][\r\n+CREG: 0,1\r\n\r\nOK\r\n]
[SEND][  10][AT+CGREG?\r]
[RECV][  21][\r\n+CGREG: 0,1\r\n\r\nOK\r\n]
[SEND][  17][AT+QFLST="RAM:*"\r]
[RECV][   6][\r\nOK\r\n]

[SEND][  14][AT+QSECWRITE="]
[SEND][   4][RAM:]
[SEND][  16][root_ca_cert.pem]
[SEND][   2][",]
[SEND][   4][1261]
[SEND][   5][,100\r]
[RECV][  11][\r\nCONNECT\r\n]
[SEND][1261][-----BEGIN CERTIFICATE-----\nMIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ\nRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD\nVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX\nDTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y\nZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy\nVHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr\nmD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr\nIZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK\nmpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu\nXmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy\ndc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye\njl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1\nBE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3\nDQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92\n9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx\njkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0\nEpn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz\nksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS\nR9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp\n-----END CERTIFICATE-----\n]
[RECV][  31][\r\n+QSECWRITE: 1261,7e6f\r\n\r\nOK\r\n]

[SEND][  14][AT+QSECWRITE="]
[SEND][   4][RAM:]
[SEND][  11][ca_cert.pem]
[SEND][   2][",]
[SEND][   3][579]
[SEND][   5][,100\r]
[RECV][  11][\r\nCONNECT\r\n]
[SEND][ 579][-----BEGIN CERTIFICATE-----\nMIIBfjCCASWgAwIBAgIUN4GGfTSU1JMslXS062LletnpgcYwCgYIKoZIzj0EAwIw\nFTETMBEGA1UEAwwKQ0EgR3JvdXAgMTAeFw0yMzAyMTQxNDMzMTNaFw0zMzAyMTEx\nNDMzMTNaMBUxEzARBgNVBAMMCkNBIEdyb3VwIDEwWTATBgcqhkjOPQIBBggqhkjO\nPQMBBwNCAASvoCKAsgRL579Zxtk30mf/xfFyyuC5GM/E2DtdcTq+1g/SpOdQN2hG\nlj07HlQ1R+n80X1FgWWaxmM5qE4hm7OVo1MwUTAdBgNVHQ4EFgQU4pJLUljGOkjf\nRGuvK34Gz9fh+RQwHwYDVR0jBBgwFoAU4pJLUljGOkjfRGuvK34Gz9fh+RQwDwYD\nVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAgNHADBEAiAXE8WbuwaggvwPCYSniCLk\nms17oqN1pwTFB7g52vouGwIgR3CIXGZ1jl78G/q78tPGNxCRHmOofXsP64kdiiFF\nBCU=\n-----END CERTIFICATE-----\n]
[RECV][  30][\r\n+QSECWRITE: 579,6362\r\n\r\nOK\r\n]

[SEND][  14][AT+QSECWRITE="]
[SEND][   4][RAM:]
[SEND][  15][device_cert.pem]
[SEND][   2][",]
[SEND][   3][449]
[SEND][   5][,100\r]
[RECV][  11][\r\nCONNECT\r\n]
[SEND][ 449][-----BEGIN CERTIFICATE-----\nMIIBHjCBxQIUK6GRBqaBIIme5EjBLUR5FBmgcvYwCgYIKoZIzj0EAwIwFTETMBEG\nA1UEAwwKQ0EgR3JvdXAgMTAeFw0yMzAyMTQxNDM3MzRaFw0yNDAyMTQxNDM3MzRa\nMA8xDTALBgNVBAMMBE05NVIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASXwfW2\nq35Fa+yJjdGn70i2MZZXYkCNf/bvydyn2TpclkunBUCN5XA5QQRSx9QQkAgTnBQ1\n+gVuSmG2hJUvgk/bMAoGCCqGSM49BAMCA0gAMEUCIHQSwJuZoDE7VMc6NUE4QtaT\n13fnz0d7tMYlfHmRe0nHAiEAgnh0fDaYBiSNQ4qp3cBY9UPRZyo5ZhQEF4xXxwFX\nsXg=\n-----END CERTIFICATE-----\n]
[RECV][  30][\r\n+QSECWRITE: 449,4f4f\r\n\r\nOK\r\n]

[SEND][  14][AT+QSECWRITE="]
[SEND][   4][RAM:]
[SEND][  14][device_key.pem]
[SEND][   2][",]
[SEND][   3][302]
[SEND][   5][,100\r]
[RECV][  11][\r\nCONNECT\r\n]
[SEND][ 302][-----BEGIN EC PARAMETERS-----\nBggqhkjOPQMBBw==\n-----END EC PARAMETERS-----\n-----BEGIN EC PRIVATE KEY-----\nMHcCAQEEIHn3VNBufBZ01H3JZFyiUKGo74Xp2a+jFj1abGLhH3LMoAoGCCqGSM49\nAwEHoUQDQgAEl8H1tqt+RWvsiY3Rp+9ItjGWV2JAjX/278ncp9k6XJZLpwVAjeVw\nOUEEUsfUEJAIE5wUNfoFbkphtoSVL4JP2w==\n-----END EC PRIVATE KEY-----\n]
[RECV][  30][\r\n+QSECWRITE: 302,241f\r\n\r\nOK\r\n]
[SEND][  17][AT+QFLST="RAM:*"\r]
[RECV][ 127][\r\n+QFLST: "RAM:root_ca_cert.pem",1265,1265\r\n\r\n+QFLST: "RAM:ca_cert.pem",583,583\r\n\r\n+QFLST: "RAM:device_cert.pem",453,453\r\n\r\n+QF]
[RECV][  41][LST: "RAM:device_key.pem",306,306\r\n\r\nOK\r\n]

[SEND][  12][AT+QIMODE=0\r]
[RECV][   6][\r\nOK\r\n]
[SEND][  11][AT+QICSGP?\r]
[RECV][  20][\r\n+QICSGP: 1\r\n\r\nOK\r\n]
[SEND][  39][AT+QICSGP=1,"live.vodafone.com","live"\r]
[RECV][   6][\r\nOK\r\n]
[SEND][  11][AT+QICSGP?\r]
[RECV][  20][\r\n+QICSGP: 1\r\n\r\nOK\r\n]
[SEND][  12][AT+QIREGAPP\r]
[RECV][   6][\r\nOK\r\n]
[SEND][  13][AT+QIREGAPP?\r]
[RECV][  50][\r\n+QIREGAPP: "live.vodafone.com","live",""\r\n\r\nOK\r\n]
[SEND][  11][AT+QIACT=?\r]
[RECV][   6][\r\nOK\r\n]
[SEND][   9][AT+QIACT\r]
[RECV][   6][\r\nOK\r\n]
[SEND][  11][AT+QIACT=?\r]
[RECV][   6][\r\nOK\r\n]
[SEND][  11][AT+QILOCIP\r]
[SEND][  11][AT+QISTATE\r]
[RECV][  23][\r\n10.118.115.98\r\n\r\nOK\r\n]
[URC^][   2][\r\n]
[URCv][   2][\r\n]
[URC^][  18][STATE: IP STATUS\r\n]
[URCv][  18][STATE: IP STATUS\r\n]
[SEND][  23][AT+QSSLCFG="cacert",2,"]
[SEND][   4][RAM:]
[SEND][  16][root_ca_cert.pem]
[SEND][   2]["\r]
[RECV][   6][\r\nOK\r\n]
[SEND][  27][AT+QSSLCFG="clientcert",2,"]
[SEND][   4][RAM:]
[SEND][  15][device_cert.pem]
[SEND][   2]["\r]
[RECV][   6][\r\nOK\r\n]
[SEND][  26][AT+QSSLCFG="clientkey",2,"]
[SEND][   4][RAM:]
[SEND][  14][device_key.pem]
[SEND][   2]["\r]
[RECV][   6][\r\nOK\r\n]
[SEND][  26][AT+QSSLCFG="seclevel",2,2\r]
[RECV][   6][\r\nOK\r\n]
[SEND][  28][AT+QSSLCFG="sslversion",2,4\r]
[RECV][   6][\r\nOK\r\n]
[SEND][  36][AT+QSSLCFG="ciphersuite",2,"0xFFFF"\r]
[RECV][   6][\r\nOK\r\n]
[SEND][  29][AT+QSSLCFG="ignorertctime",1\r]
[RECV][   6][\r\nOK\r\n]

// Info start
[SEND][   4][ATI\r]
[RECV][  59][\r\nQuectel_Ltd\r\nQuectel_M95R\r\nRevision: M95RMAR01A02\r\n\r\nOK\r\n]
[SEND][   9][AT+QCCID\r]
[RECV][  30][\r\n8940012205503195448F\r\n\r\nOK\r\n]
[SEND][   8][AT+CIMI\r]
[RECV][  25][\r\n226013650319544\r\n\r\nOK\r\n]
[SEND][   9][AT+CPIN?\r]
[RECV][  22][\r\n+CPIN: READY\r\n\r\nOK\r\n]
[SEND][   8][AT+CGMM\r]
[RECV][  22][\r\nQuectel_M95R\r\n\r\nOK\r\n]
[SEND][   8][AT+CGMR\r]
[RECV][  32][\r\nRevision: M95RMAR01A02\r\n\r\nOK\r\n]
[SEND][   7][AT+GSN\r]
[RECV][  25][\r\n865234061526017\r\n\r\nOK\r\n]
[SEND][   9][AT+CCLK?\r]
[RECV][  39][\r\n+CCLK: "04/01/01,00:00:13+00"\r\n\r\nOK\r\n]
[SEND][   9][AT+COPS?\r]
[RECV][  34][\r\n+COPS: 0,0,"Vodafone RO"\r\n\r\nOK\r\n]
[SEND][   7][AT+CSQ\r]
[RECV][  20][\r\n+CSQ: 25,0\r\n\r\nOK\r\n]
[SEND][  10][AT+CGREG?\r]
[RECV][  21][\r\n+CGREG: 0,1\r\n\r\nOK\r\n]
[SEND][  10][AT+QIACT?\r]
[RECV][   9][\r\nERROR\r\n]
[SEND][  10][AT+CGATT?\r]
[RECV][  19][\r\n+CGATT: 1\r\n\r\nOK\r\n]
[SEND][  11][AT+CGPADDR\r]
[RECV][  18][\r\n+CME ERROR: 49\r\n]
[SEND][  13][AT+CGCONTRDP\r]
[RECV][  18][\r\n+CME ERROR: 58\r\n]
[SEND][  19][AT+QMTCFG="will",0\r]
[RECV][  20][\r\n+QMTCFG: 0\r\n\r\nOK\r\n]
[SEND][  22][AT+QMTCFG="timeout",0\r]
[RECV][  24][\r\n+QMTCFG: 5,3,0\r\n\r\nOK\r\n]
[SEND][  22][AT+QMTCFG="session",0\r]
[RECV][  20][\r\n+QMTCFG: 1\r\n\r\nOK\r\n]
[SEND][  24][AT+QMTCFG="keepalive",0\r]
[RECV][  22][\r\n+QMTCFG: 120\r\n\r\nOK\r\n]
[SEND][  18][AT+QMTCFG="ssl",0\r]
[RECV][  22][\r\n+QMTCFG: 1,2\r\n\r\nOK\r\n]
// Info end

[SEND][  12][AT+QMTOPEN?\r]
[RECV][   6][\r\nOK\r\n]
[SEND][  14][AT+QMTCLOSE=0\r]
[RECV][   9][\r\nERROR\r\n]
[SEND][  13][AT+QMTOPEN=0,]
[SEND][   1]["]
[SEND][  28][demohub.azure-devices.net]
[SEND][   2][",]
[SEND][   4][8883]
[SEND][   1][\r]
[RECV][   6][\r\nOK\r\n]
[URC^][   2][\r\n]
[URCv][   2][\r\n]
[URC^][  15][+QMTOPEN: 0,0\r\n]
[URCv][  15][+QMTOPEN: 0,0\r\n]

[SEND][  12][AT+QMTOPEN?\r]
[RECV][  57][\r\n+QMTOPEN: 0,"demohub.azure-devices.net",8883\r\n\r\nOK\r\n]
[SEND][  11][AT+QMTCONN=]
[SEND][   2][0,]
[SEND][   1]["]
[SEND][   4][M95R]
[SEND][   1]["]
[SEND][   1][,]
[SEND][   1]["]
[SEND][  33][demohub.azure-devices.net/M95R]
[SEND][   1]["]
[SEND][   1][\r]
[RECV][   6][\r\nOK\r\n]
[URC^][   2][\r\n]
[URCv][   2][\r\n]
[URC^][  15][+QMTSTAT: 0,1\r\n]
[URCv][  15][+QMTSTAT: 0,1\r\n]

at18 · February 25, 2023, 1:05am

I solved the issue by changing the MQTT protocol version to 3.1.1.
The default MQTT protocol version is 3.1.0, and this is preventing the M95R from connecting to Azure IoT Hub.

The topic can be closed,
Thanks.

Tayyab_Asim · January 29, 2024, 7:25am

Hello dear…
I am trying to connect gsm m95r with azure iot hub… my server is public so ne need of any SSL certificate… I successfully connected with hub using AT+QMTOPEN=0 but I am facing issue to connect the device with it using AT+QMTCONN=0… this command does not execute and I see QMTSTAT0,1 and data do not publish on server… any help will be grateful