Other Parts Discussed in Thread: CC3200
I am attempting to use the AWS IoT Core MQTT using the CC3220SF but seem to have a problem with a missing intermediate CA certificate.
These are my steps:
1. A device was onboarded with Iot Core which provided a Device Certificate and a Device Private Key.
2. The Root CA cert, device cert, and device private key were loaded into the CC3220SF module.
3. When connecting to the MQTT server, the processor reports SL_ERROR_BSD_ESEC_ASN_NO_SIGNER_E (-688) which translates as "ASN no signer to confirm failure". One forum post suggested that "a certificate in the chain could not be verified, likely because the CA programmed in the file system is not the CA that signed the chain."
That makes sense. IoT Core provided the Root CA cert but not the intermediate CA which was used to sign the device cert. Printing the certificate with OpenSSL gives:
Issuer: OU=Amazon Web Services O=Amazon.com Inc. L=Seattle ST=Washington C=US
Is this likely to be the source of the error?
Where does AWS save their intermediate certificates?