Tracker on AWS IOT

Hi all,

I am trying to use Tracker One with the AWS IOT core.
Just wondering if anyone has got this to work?

I basically tested my AWS setup with MQTT explorer. I am able to connect, subscribe to the topic and can both send and receive data. So basically I can confirm that my config, and the certs all work.

But I am not able to get it to work with the MQTT-TLS library. Tried to modify from the sample code a2-example.ino but it just does not connect. I am not even sure why it does not connect. Is there any way to check where the connection fails?

Managed to get the debugging statements out.
I am using the MQTT-TLS library.
It seems to me that the certs are accepted but for some reason the connection will not go through.

I have narrowed it down in the MQTT-TLS.cpp file in the connect function Line 176.

```cpp
uint8_t llen;
uint16_t len = readPacket(&llen);

if (len == 4 && buffer[3] == 0) {
    lastInActivity = millis();
    pingOutstanding = false;
    debug_tls("MQTT connected.\n");
    return true;
}
```

I did a Serial printout of the values of len and buffer[3].
I got len = 65535 and buffer = 16, which basically means that disconnect() will run and the connection is stopped.

Anybody have an idea why?

Below is the output from my Serial

Serial monitor opened successfully:
tls enable
hand shake start
Verify requested for (Depth 2):
cert. version : 3
serial number : 06:6C:9F:CF:99:BF:8C:0A:39:E2:F0:78:8A:43:E6:96:36:5B:CA
issuer name : C=US, O=Amazon, CN=Amazon Root CA 1
subject name : C=US, O=Amazon, CN=Amazon Root CA 1
issued on : 2015-05-26 00:00:00
expires on : 2038-01-17 00:00:00
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true
key usage : Digital Signature, Key Cert Sign, CRL Sign
This certificate has no flags
Verify requested for (Depth 1):
cert. version : 3
serial number : 06:7F:94:57:85:87:E8:AC:77:DE:B2:53:32:5B:BC:99:8B:56:0D
issuer name : C=US, O=Amazon, CN=Amazon Root CA 1
subject name : C=US, O=Amazon, OU=Server CA 1B, CN=Amazon
issued on : 2015-10-22 00:00:00
expires on : 2025-10-19 00:00:00
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true, max_pathlen=0
key usage : Digital Signature, Key Cert Sign, CRL Sign
This certificate has no flags
Verify requested for (Depth 0):
cert. version : 3
serial number : 0F:05:7A:FC:F2:AC:D3:97:D7:E8:44:78:E5:83:D3:88
issuer name : C=US, O=Amazon, OU=Server CA 1B, CN=Amazon
subject name : CN=*.iot.ap-southeast-1.amazonaws.com
issued on : 2021-08-25 00:00:00
expires on : 2022-07-27 23:59:59
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=false
subject alt name : iot.ap-southeast-1.amazonaws.com, *.iot.ap-southeast-1.amazonaws.com
key usage : Digital Signature, Key Encipherment
ext key usage : TLS Web Server Authentication, TLS Web Client Authentication
This certificate has no flags
handshake done, ret = 0
tls connected
netWrite!!
mqtt disconnected
netWrite!!
tls close
mqtt disconnected
netWrite!!
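
One way to see which case the quoted `len == 4 && buffer[3] == 0` check is rejecting, as an added example that is not part of the original post or of the MQTT-TLS library. The names `classifyConnack`, `ConnackStatus` and the sample buffers are hypothetical; the header check on bytes 0 and 1 is an addition, and any length other than 4 (including 65535, which is 0xFFFF) is assumed to mean that no CONNACK was read.

```cpp
#include <cstdint>
#include <cstdio>

// Hypothetical diagnostic helper: `len` and `buf` stand for the readPacket()
// result and the receive buffer used by the check in connect().
enum class ConnackStatus { Accepted, Refused, NotConnack, ReadFailed };

struct ConnackResult {
    ConnackStatus status;
    uint8_t returnCode;  // meaningful only for Accepted / Refused
    const char *reason;
};

// MQTT 3.1.1 CONNACK return codes.
static const char *connackReason(uint8_t rc) {
    switch (rc) {
        case 0: return "connection accepted";
        case 1: return "unacceptable protocol version";
        case 2: return "identifier rejected";
        case 3: return "server unavailable";
        case 4: return "bad user name or password";
        case 5: return "not authorized";
        default: return "reserved return code";
    }
}

ConnackResult classifyConnack(uint16_t len, const uint8_t *buf) {
    // A CONNACK is exactly 4 bytes: 0x20, 0x02, ack flags, return code.
    if (len != 4)
        return {ConnackStatus::ReadFailed, 0, "no 4-byte packet read; buffer is not a CONNACK"};
    if (buf[0] != 0x20 || buf[1] != 0x02)
        return {ConnackStatus::NotConnack, 0, "4 bytes read, but not a CONNACK header"};
    uint8_t rc = buf[3];
    return {rc == 0 ? ConnackStatus::Accepted : ConnackStatus::Refused, rc, connackReason(rc)};
}

// Constructed sample buffers (not captured from a device).
static const uint8_t kSampleAccepted[4] = {0x20, 0x02, 0x00, 0x00};
static const uint8_t kSampleRefused[4]  = {0x20, 0x02, 0x00, 0x05};
static const uint8_t kSampleStale[4]    = {0x00, 0x00, 0x00, 16};  // buffer[3] == 16 as in the post

int main() {
    ConnackResult r = classifyConnack(65535, kSampleStale);  // len value from the post
    std::printf("len=65535: %s\n", r.reason);
    r = classifyConnack(4, kSampleRefused);
    std::printf("rc=%u: %s\n", static_cast<unsigned>(r.returnCode), r.reason);
    r = classifyConnack(4, kSampleAccepted);
    std::printf("rc=%u: %s\n", static_cast<unsigned>(r.returnCode), r.reason);
    return 0;
}
```

With a length other than 4, `buffer[3]` is not a broker return code, so the reason string printed through `debug_tls` separates "nothing valid was read after CONNECT" from "the broker answered and refused".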

Hi,

I think this debug message may be an AWS root CA or private key TLS authentication error. Please check your root CA and private key.

Thank you.