
Re: Connecting to AWS with MQTT

Posted: Fri Jan 31, 2020 8:22 pm
by sspaman
Hi Kevin,

No I have not.

Re: Connecting to AWS with MQTT

Posted: Fri Jan 31, 2020 8:24 pm
by kevinkk525
Might want to try that to be sure the AWS IOT works as expected and doesn't need weird workarounds

Re: Connecting to AWS with MQTT

Posted: Fri Apr 10, 2020 11:19 am
by VicLuna
Hi

I followed all your instructions and I got an error that nobody talks about.
mbedtls_ssl_handshake error: -10

I post my code and you may find I'm missing something.

.....
certpem=open('/flash/cert').read()
privkey=open('/flash/key').read()
mqtt_server = 'a15azlxdxhvk5o-ats.iot.eu-west-1.amazonaws.com'
......
client = MQTTClient(client_id='esp32vroom', server=mqtt_server, port=8883, keepalive=10000, ssl=True, ssl_params={"key":privkey,"cert":certpem,"server_side":False})

I've checked that policies are ok:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "iot:*",
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "iot:Connect",
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "iot:Publish",
      "Resource": "*"
    }
  ]
}

May you help me?

Thanks
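
Added example, not part of the original post: a small audit of the policy quoted above, next to a narrower one. It flags the "iot:*" on "*" statement and shows that the two statements after it are already covered by it; the REGION, ACCOUNT_ID and TOPIC placeholders in the scoped policy are assumptions, and the wildcard matching is simplified.

```python
import json
from fnmatch import fnmatchcase

# The policy from the post above, reproduced with whitespace compacted.
POSTED_POLICY = """{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Action": "iot:*",       "Resource": "*"},
  {"Effect": "Allow", "Action": "iot:Connect", "Resource": "*"},
  {"Effect": "Allow", "Action": "iot:Publish", "Resource": "*"}]}"""

# Constructed for comparison; REGION, ACCOUNT_ID and TOPIC are placeholders.
SCOPED_POLICY = """{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Action": "iot:Connect",
   "Resource": "arn:aws:iot:REGION:ACCOUNT_ID:client/esp32vroom"},
  {"Effect": "Allow", "Action": "iot:Publish",
   "Resource": "arn:aws:iot:REGION:ACCOUNT_ID:topic/TOPIC"}]}"""

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _covers(broad, narrow):
    """True if each pattern in narrow is matched by some pattern in broad.
    Simplification: only the '*' and '?' wildcards are modelled."""
    return all(any(fnmatchcase(n.lower(), b.lower()) for b in broad)
               for n in narrow)

def audit(policy_json):
    """Return (statement_index, finding) pairs for the Allow statements."""
    allows = [(i, _as_list(s["Action"]), _as_list(s["Resource"]))
              for i, s in enumerate(_as_list(json.loads(policy_json)["Statement"]))
              if s.get("Effect") == "Allow"]
    findings = []
    for i, acts, res in allows:
        if any(a in ("*", "iot:*") for a in acts):
            findings.append((i, "allows every iot action"))
        if "*" in res:
            findings.append((i, "applies to any resource"))
        for j, o_acts, o_res in allows:
            covered = _covers(o_acts, acts) and _covers(o_res, res)
            mutual = _covers(acts, o_acts) and _covers(res, o_res)
            if j != i and covered and (not mutual or j < i):
                findings.append((i, "redundant: covered by statement %d" % j))
                break
    return findings

if __name__ == "__main__":
    print(audit(POSTED_POLICY))
    print(audit(SCOPED_POLICY))
```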

Re: Connecting to AWS with MQTT

Posted: Fri Apr 10, 2020 3:39 pm
by sspaman
The error looks like it is related to AWS security. Check that your thing is activated on your IoT dashboard and the certs and keys are correct. The code looks like it should work.

Re: Connecting to AWS with MQTT

Posted: Sat Apr 11, 2020 8:43 am
by VicLuna
Hi
Thanks for your sooner reply.

I checked it with 2 different certifications and the result was the same: I got error -10.

But on the other hand, when I used those certification keys with other applications and environments, it works fine.
1.- Certification is a windows python SDK that provides AWS, and I executed .\start.ps1 and it works ok, because I see the message at the test console.
2.- Certification is general and I published and subscribed messages using pentaho-kettle, it's an open source platform.

just a simple question :
key = ESPDevice-private.pem.key
cert =ESPDevice-certificate.pem.key
is that correct?

and finally I'm using firmware:

Firmware built with ESP-IDF v3.x, with support for BLE, LAN and PPP:
GENERIC : esp32-idf3-20200411-v1.12-357-g740946736.bin

any clue just to try and unblock this situation?

Thanks

Re: Connecting to AWS with MQTT

Posted: Sat Apr 11, 2020 2:02 pm
by VicLuna
I found the error.

I run the posted code with firmware:
esp32-idf3-20200410-v1.12-357-g740946736.bin
esp32-idf3-20200404-v1.12-331-ge97bb58f0.bin

With both I got the error reported.

However, with the firmware esp32-idf3-20190529-v1.11.bin it works perfectly.

Hope this post helps you.

Re: Connecting to AWS with MQTT

Posted: Fri May 15, 2020 6:53 pm
by Klabauterman
GUYS I FOUND THE SOLUTION!

Here are my learnings:
In case you get the index out of bounds error message, it means your esp has no wifi connection.

If you get an error message like 'invalid key' (v1.12+) or your esp just reboots on the mqtt connect call (v1.11), you are most likely using the pem key and certificate that you downloaded from aws. I have seen this in so many examples, but IT JUST DOES NOT WORK! At least for me.

The solution (as mentioned earlier) is that you need to convert private key and certificate to a binary DER format like this (command line):

Code:

openssl x509 -in asdf.cert.pem -out asdf.cert.der -outform DER
openssl rsa -in asdf.private.key -out asdf.key.der -outform DER

The rest is the same.
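
Added example (not code from the thread): a check to run on the PC before copying files to /flash, covering the two mix-ups raised above, a PEM file where DER bytes are expected and a certificate and key swapped. It decodes a PEM body to its DER bytes using only the Python standard library; the function names are this example's own and the sample input is a constructed placeholder, not a real key.

```python
import base64
import re

# PEM armor: -----BEGIN <label>-----, base64 body, -----END <label>-----
_PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", re.S)

def looks_like_der(data):
    """True if data is one ASN.1 SEQUENCE (tag 0x30) filling the whole buffer."""
    if len(data) < 2 or data[0] != 0x30:
        return False
    if data[1] < 0x80:                         # short-form length
        return len(data) == 2 + data[1]
    n = data[1] & 0x7F                         # long form: n length bytes follow
    if n == 0 or len(data) < 2 + n:
        return False
    return len(data) == 2 + n + int.from_bytes(data[2:2 + n], "big")

def check_material(raw, want):
    """raw: file bytes; want: 'cert' or 'key'. Returns (ok, message, der).
    Raw DER carries no label, so it is accepted without a cert/key check."""
    if looks_like_der(raw):
        return True, "already DER", raw
    try:
        m = _PEM_RE.search(raw.decode("ascii"))
        der = base64.b64decode("".join(m.group(2).split())) if m else None
    except ValueError:                         # not ASCII, or bad base64
        m, der = None, None
    if m is None:
        return False, "neither PEM nor DER", None
    label = m.group(1)
    kind = "cert" if label == "CERTIFICATE" else (
        "key" if label.endswith("PRIVATE KEY") else "other")
    if kind != want:
        return False, "expected %s, file holds %s" % (want, label), None
    if not looks_like_der(der):
        return False, "PEM body does not decode to DER", None
    return True, "converted from PEM (%s)" % label, der

def armor(label, der):
    """Wrap DER bytes in PEM armor (used here to build the sample input)."""
    b64 = base64.encodebytes(der).decode("ascii")
    return ("-----BEGIN %s-----\n%s-----END %s-----\n" % (label, b64, label)).encode()

# Constructed sample: a 260-byte placeholder SEQUENCE, not a real key or cert.
SAMPLE_DER = bytes([0x30, 0x82, 0x01, 0x00]) + bytes(256)
SAMPLE_KEY_PEM = armor("RSA PRIVATE KEY", SAMPLE_DER)

if __name__ == "__main__":
    print(check_material(SAMPLE_KEY_PEM, "key")[:2])
    print(check_material(SAMPLE_KEY_PEM, "cert")[:2])   # files swapped
```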

Re: Connecting to AWS with MQTT

Posted: Wed Apr 14, 2021 10:35 pm
by stanely
Klabauterman wrote:
Fri May 15, 2020 6:53 pm
GUYS I FOUND THE SOLUTION!

Here are my learnings:
In case you get the index out of bounds error message, it means your esp has no wifi connection.
...

I get an index out of range error message, but my esp has wifi. I can do urequests and get back the website or API content.

I can't get past the "index out of range" or the "memory allocation" error depending on which version of MicroPython I try. Does this really work on a generic ESP32 without spiram?

It may be something simple I'm doing, but I can't see it. I've used all these pieces of code before, and am able to interact with non-AWS MQTT brokers. But I don't even get to the part where AWS tells me I'm not authorized. My error is always a system error in "simple.py".

The ESP32 doesn't have to use the binary (DER) key/certificate. People say that text versions work fine. I've tried both with same results. I've tried many idf3 and idf4 versions. Is this really working with idf4 V1.14?

Re: Connecting to AWS with MQTT

Posted: Thu Apr 15, 2021 5:08 am
by AJB2K3
Hi all,
I have AWS running on my M5Stack Cores in MicroPython.
After several weeks of failed connections I found I had not set up IAM and COGNITO profiles as well as the IOT profiles.
Plain text cert and keys are working fine for me.

Re: Connecting to AWS with MQTT

Posted: Thu Apr 15, 2021 11:40 am
by stanely
Which version of MicroPython are you using? Or are you using the trick MicroPython that comes with their UIFlow? That's actually a very cool system with many interface drivers built in. Have you seen the Core 2 with the integrated touchscreen? They bundle a lot of drivers with it that makes it very easy to use.

In my current project I need to use a HUZZAH32, and it looks like it doesn't get far enough to talk to AWS.