• State Resolved
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 40 subscribers
  • Views 565 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

CCS/CC3200: CC3200 TLS1.2 Error Code -155

Ganesh Gurung58
Intellectual 725 points
Part Number: CC3200

Tool/software: Code Composer Studio

Hi there

I have downloaded the root_ca, certificate and private key from AWS amazon server. After generating and flashing the "certflasher.out" as described in read_cc3200.md and flashing the example from SDK as below

"Select Run menu -> Load -> Load Program…, and browse to the file subscribe_publish_sample.out in <AWS_INSTALL_DIR>/samples/tirtos/subscribe_publish_sample/cc3200. Hit OK. This will load the program onto the board. (The same procedure applies to other samples by substituting subscribe_publish_sample)"

I have got an error code (-155) while trying to connect to AWS amazon server.

I am using the

- "aws-iot-device-sdk-embedded-c" version "(v2.1.0-ti)"

- service pack version: "servicepack_1.0.1.13-2.11.0.1.bin"

- Signature Algorithm: sha256WithRSAEncryption

Thanks

Ganesh

  • 0
    Intellectual 725 points
    Hi there,
    One interesting thing i found in the AWS IOT connection is that
    if i use below setting then it can connect.
    a) VeriSign Class 3 Public Primary G5 root CA certificate
    b) XXXXXXXXXX.iot.XXXXXXXX.amazonaws.com

    But if i use below setting then never connect.
    a) RSA 2048 bit key: Amazon Root CA 1
    b)XXXXXXXXXX-ats.iot.XXXXXXXX.amazonaws.com

    By the way what chiper do you set and where do you set it.

    Is it in "iot_tls_connect" function.

    Thanks
    Ganesh
  • 0 in reply to Ganesh Gurung58
    TI__Mastermind 40965 points
    Hi Ganesh,

    The cipher is not specified by default, which means that the NWP will automatically negotiate a suitable cipher to use with the server.

    The connection problems when connecting to the *-ats* Amazon AWS endpoints is something known, and it is recommended that you keep using the non-ats endpoints with the Verisign Class 3 Public Primary G5 root CA cert for the time being.

    Regards,
    Michael
  • 0 in reply to Michael Reymond
    Intellectual 725 points

    Hi Michael,

                      Is there any new update coming which support the *-ats* Amazon AWS endpoints?. Is it possible to implement the mbedtls in cc3200 and if it is then is there any project having mbedtls supporting the AWS IOT in cc3200.

    Thanks

    Ganesh

  • 0 in reply to Ganesh Gurung58
    TI__Mastermind 40965 points
    Hi Ganesh,

    We are looking into why the *-ats* endpoints do not work, however there is currently no timeline on when such an effort would be completed.

    It is possible to implement mbedtls with the CC3200. Given that we have a full TCP/IP stack implementation with TLS support within the NWP I don't know why you would want to do so. As such, we do not have an example demonstrating how you would run mbedtls on the CC3200.

    Regards,
    Michael
  • 0 in reply to Michael Reymond
    Intellectual 725 points
    Hi Michael,
    mbedTls can support the chiper that amazon aws iot is using for connection. But the problem is that even if i implemented the mbedtls in cc3200 then the cryptographic encryption and decryption will be doing in the operating system rather than in hardware acceleration i guess and it is not the good approach. So at the moment we are not implementing the mbedtls. I believe TI will come up with the solution.

    Thanks
    Ganesh