+QMTOPEN: 0,-1 error


I tried the test this AT command, AT+QFDWL=“private.pem.key”
When the download file from aws server and the download file from EC25 module compare ,the end line things is different.

when I upload EC25 the private file using AT command, the end line is 0x0d 0x0a(hex value).

Same.


But aws has just 0A. It worked for me.

I took this error too many time when I fixed certificates and keys it is fixed. The others problems I dont know I am sory.

I think other file is same size except for your cacert.pem file.
image

Yes it is same. I did according to an example. So I used that name for AmazonRootCA1.

The file sizes of each key will be 1208 , 1244 and 1702. seems you are missing to add count on \r\n characters

@Kyson Hi~~

I’m using EC25 module. Doesn’t support AWS iot about it?

Yes, can support. Thanks!

@kyson
I think EC25E don’t connect to AWS iot server when AWS root certificate use.
Could you please try to connect to AWS iot using EC25E?
image

Dear Maker,
Please check the following document that we have test AWS iot server successful. Please check it. Thanks!
Quectel_EC2x&EG9x&EM05_MQTT_Application_Note_V1.1.pdf (843.5 KB)

Do it must be store Clientkey and clientcert in RAM?

Yes, i think it may need to upload the certificate file into the module RAM.

@Kyson

I was upload clientcert and clientkey file into the RAM of EC25, and the I didn’t test well.
If I’m not use the Amazon Root CA, Should I modified the AT+QSSLCFG value or Amazon iot core setting ?

Yes, of course, if you do not use root CA, it is no need to set the related parameters to CA certificate. Thanks!
You should according to your own application to adjust the parameters setting. Thanks!

I was used AT command when EC25 connect to AWS iot server without RootCA.
But I can’t connect to AWS iot server.


In the EC25 At command, Do I have the option(AT command) of using only the module’s RootCA without using AWS’s RootCA?

Could you please try to test using EC25 for me ? now?

Alert 61
It Looks like the Server certificate provided in the Server Hello wasn’t trusted by the client.

paste your full AT commands log

Hi everyone,
I am having the exact same problem with EC20CE, i am able to connect to third party mqtt brokers such as emqx and mosquitto with same commands but am unable to connect with aws iot core.
Below is my command trail:
CMD=AT+QFUPL=“RAM:cacert.pem”,1188,100
CMD=AT+QFUPL=“RAM:client.pem”,1220,100
CMD=AT+QFUPL=“RAM:user_key.pem”,1679,100
CMD=AT+QSSLCFG=“clientkey”,1,“RAM:user_key.pem”
CMD=AT+QSSLCFG=“cacert”,1,“RAM:cacert.pem”
CMD=AT+QSSLCFG=“clientcert”,1,“RAM:client.pem”
CMD=AT+QMTCFG=“ssl”,0,1,1
CMD=AT+QSSLCFG=“seclevel”,1,2
CMD=AT+QSSLCFG=“sslversion”,1,4
CMD=AT+QSSLCFG=“ciphersuite”,1,0xFFFF
CMD=AT+QSSLCFG=“ignorelocaltime”,1,1
CMD=AT+QICSGP=1,2,“jionet”,"","",0
CMD=AT+QIACT?
CMD=AT+QIACT=1
CMD=AT+QMTOPEN=0,“a3hs4751kw4ggn.iot.ap-south-1.amazonaws.com”,8883
The last command results in +QMTOPEN:0,-1
Any suggestion/help is gonna be a life saver.
please help.
Thanks

@WizIO @Kyson
I also have been stored in RAM the certificate.pem and private_key and it also doesn’t operate. without RootCA
This was log when certificate.pem and private_key upload to UFS.

EC25LOG : without RootCA

AT+QFDEL="*"

OK

AT+QFUPL=“certificate.pem.crt”,1224,100
CONNECT
+QFUPL: 1224,4c32
OK

AT+QFUPL=“private.pem.key”,1679,100
CONNECT
+QFUPL: 1679,45e
OK

AT+CFUN=1,1
OK

AT+QSSLCFG=“clientcert”,2,“certificate.pem.crt”
OK

AT+QSSLCFG=“clientkey”,2,“private.pem.key”
OK

AT+QSSLCFG=“seclevel”,2,2
OK

AT+QSSLCFG=“sslversion”,2,4
OK

AT+QSSLCFG=“ciphersuite”,2,0x0035
OK

AT+QSSLCFG=“ignorelocaltime”,2
+QSSLCFG: “ignorelocaltime”,2,1
OK

AT+QMTCFG=“SSL”,0,1,2
OK

AT+QMTOPEN=0,“a1e3xdzbjfucf9-ats.iot.us-east-2.amazonaws.com”,8883
OK

+QMTOPEN: 0,-1

Dear Maker_i,
In your test AT log, it is no need to use AT+CFUN=1,1, please delete it. Thanks!
How about upload the file to RAM, not UFS to have a try.
And please provide the certificate to me, and tell me which firmware version you used, then i can test it in my side to confirm where is the problem. Thanks!

The following test AT log just for your reference. Thanks!


@Kyson

I also have been stored in RAM the certificate.pem and private_key and it also doesn’t operate.

Was it tested using the EC25 module?

I can’t upload the files…(certificate, RooTCA…)
I want to send an email, could you give me a email?

Also, Could you please provide the Certificate,RootCA and privatekey to me?
email : ekkim@wiznet.io

Firmware Ver : EC25EFAR06A03M4G

[2020-03-27 10:47:26:735_S:] ATI

[2020-03-27 10:47:26:743_R:] Quectel
[2020-03-27 10:47:26:743_R:] EC25
[2020-03-27 10:47:26:743_R:] Revision: EC25EFAR06A03M4G