Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

AWS ExpressLink not provisioning with SARA R510

0

We are using the SARA R510AWS in our smart controller. Just-in-time-provisioning used to work for the last year of production. Now it does not. We cannot establish a connection with the AWS Iot Core with our chips. We get these log errors. Basically we do not get a Certificate back.

7: RegS 7: RegR U_CELL_NET: connected after 139 second(s). U_CELL_NET: IP address "100.114.185.140". U_CELL_MQTT: trying to connect... U_CELL_MQTT: waiting for response for up to 120 second(s)... U_CELL_MQTT: error codes 13, 8. U_CELL_MQTT: error codes 13, 8. ATC_CONNECT: MQTT client unable to connect to cloud, result = -9. ATC_CONNECT: uMqttClientGetLastErrorCode(), result = 8. -1: NReg -1: NReg -1: NReg U_CELL_NET: disconnected. getCertificate() Failed to read device certificate.

Topics
Internet of Things (IoT)Security, Identity, & Compliance
Tags
AWS Certificate ManagerAWS IoT ExpressLinkAWS IoT Core
Language
English
asked a month ago28 views
1 Answer
0

Based on the logs you've provided, your AWS ExpressLink module (SARA R510AWS) is experiencing provisioning issues. The problem appears to be occurring at multiple levels:

  1. First, there were cellular connectivity issues (indicated by the "unable to register with the network" messages), though these were eventually resolved ("connected after 139 second(s)").

  2. After establishing cellular connectivity, the MQTT client failed to connect to AWS IoT Core with error codes 13 and 8.

  3. Finally, the device failed to read the certificate with the message "Failed to read device certificate."

This could be happening for several reasons:

  • The X.509 certificate on the device might be missing, corrupted, or expired. ExpressLink devices require a valid certificate that contains the device Unique ID in the Serial Number field, is signed by a registered Certificate Authority, and has an expiration date of at least 10 years.

  • The device might be failing to authenticate securely with AWS. This could happen if the AWS root certificate has expired.

  • The device certificate might not be present in your AWS IoT Core registry. This would prevent successful MQTT login.

  • There might be an issue with the endpoint configuration. The device might be trying to connect to the wrong AWS endpoint.

  • If your device was previously in the staging account and is now trying to connect to your production account, there might be an issue with the endpoint update process.

Since you mentioned this used to work for the past year, it's possible that:

  1. The certificate has expired
  2. The device has undergone an accidental factory reset and is trying to rejoin the staging account
  3. There's an issue with the policies attached to the device certificate
  4. The endpoint configuration has changed

I recommend checking:

  • The status of the device certificate in your AWS IoT Core registry
  • The policies attached to the certificate
  • Whether the device has been accidentally reset to factory settings
  • The endpoint configuration on the device

If the device has been factory reset, you may need to go through the onboarding process again to claim the module and transfer the certificate to your account.
Sources
9 Provisioning - AWS IoT ExpressLink
3 ExpressLink commands - ExpressLink
11 Provisioning - AWS IoT ExpressLink
3 ExpressLink commands - ExpressLink

answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content