LAUNCHXL-CC3235SF: AWS IoT core integrations with SDK 7_10

Hi,

Seems like parsing the root CA fails.

Where did you take the AWS plugin from? it has been deprecated from the repository already.

Shlomi

Hi,

I have tried this from direct example of cc3235sf(mqtt_client_over_tls_1_3_CC3235SF_LAUNCHXL_freertos_ticlang) and I didn't use any AWS plugins.

Could you please help me here how to achieve the Mqtt connection with AWS IoT Core.

Vamsi 

can you attach the certificate files you are using?

/***AmazonRootCA1.pem***/
-----BEGIN CERTIFICATE-----
MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF
ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL
MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv
b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj
ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM
9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw
IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6
VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L
93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm
jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA
A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI
U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs
N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv
o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU
5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy
rqXRfboQnoZsG4q5WTP468SQvvG5
-----END CERTIFICATE-----

Hi,

I am sharing the RootCA1 file

Thanks

Hi,

can you remove the /***AmazonRootCA1.pem***/ and retest?

Generally, the error -8576 coming out from mbedtls_x509_crt_parse() can happen only during parsing of that rootCA certificate.

this error denotes an 'unsupported key encryption algorithm' which can happen only if there is another header like the '-----BEGIN CERTIFICATE-----' next to denote the encryption key type (if the certificate is passphrase protected). This could be for example 'Proc-Type: 4,ENCRYPTED' header but since you do not have it, I don't see how this error could happen.

Shlomi

Hi,

Sorry my mistake I have just put this(/***AmazonRootCA1.pem***/) in chat but in actually .pem file the string is not present.

And the key file is started with  '-----BEGIN CERTIFICATE-----', please let me know if anything I need to do.

Thanks

if after the -----BEGIN CERTIFICATE----- there is no other header denoting the certificate is protected by a passphrase, I do not have a logic explanation why you get this error.

According to the code, this error appears only in case it is password protected.

closing this thread and moving to the new thread you opened (https://e2e.ti.com/support/wireless-connectivity/wi-fi-group/wifi/f/wi-fi-forum/1422877/launchxl-cc3235sf-aws-iot-core-integrations-with-sdk-7_10)

Shlomi

Thank you 
I have updated all the details
Could you please help

Vamsi

I will reply on the other thread.