
SPWF04SA: Certificate Error: 11 trying to connect to AWS IoT

Question asked by Yongliang Zhan on Dec 13, 2017
Latest reply on Dec 18, 2017 by Gerardo Gallucci

Hi,

I am attempting to establish an MQTT connection with mutual TLS authentication to an AWS IoT Endpoint.

The command I use is AT+S.MQTTCONN=#####.iot.eu-west-1.amazonaws.com,443,,2,,,,,,,, (I only paste the hostname partially for security reasons).

There seems to be some issue validating the server-side certificate, since we always receive the following error:

AT-S.Certificate Error:11

According to UM2114, the error means "Parsing the signature failed", but I fail to understand which certificate (client, server or CA) is failing.

I have already added the AWS IoT root certificate, client certificate and client private key into the filesystem, according to the convention specified in AN4963 (tls.cert, tls.key and <auth-id>.ca files).

It may be worth mentioning that even if no certificates are loaded, the same error is still shown; this leads me to believe the failure should occur when parsing the server certificate.

Is the problem caused by my wrong usage? Or is it a failure of the module?

Attached I send the certificate chain the endpoint sends and a screenshot with the result of AT+S.STS, hoping they may be useful.

Many thanks
