NimbeLink Skywire LTE CAT M1 Скачать руководство пользователя страница 27 | Manualshive

Страница: 27 / 28

background image

PN 1001933 rev 2

© NimbeLink Corp. 2022. All rights reserved.

27

6. Troubleshooting

6.1 HTTP Response Codes

6.1.1

403 Forbidden

If a connection can be established, but the AWS response to the "

GET

" command is "

403

Forbidden

", make sure that the current AWS policy is set to allow all IoT actions. This

can be done through the AWS IoT Console.

6.1.2

400 Bad Request

If a connection can be established, but the AWS response to the "

GET

" or "

POST

"

command is "

400 Bad Request

", make sure the syntax of the "

GET

" or "

POST

" command

is correct.

6.2 Verify Credentials

If for some reason the credentials for the AWS connection do not work,

can be

used to check their validity. This process is helpful for narrowing down the source of the
connection issue.

6.2.1

Testing AWS Credentials using OpenSSL

To test credentials with OpenSSL, first ensure that OpenSSL is properly installed on a
Linux or Windows system. Next, navigate to the directory that contains the certificates
that are being tested. Issue the following command to attempt a connection to AWS:

openssl s_client -servername

a272...amazonaws.com

-connect

a272...amazonaws.com

:8443 -CAfile

VeriSign-Class\ 3-Public-Primary-Certification-

Authority-G5.pem

-cert

8da6fe87f3-certificate.pem.crt

-key

8da6fe87f3-

private.pem.key

-certform PEM -keyform PEM

Be sure to replace any of the text in bold with unique certificate names, and the unique
AWS endpoint URL.

«
...
25
26
27
28
»

Содержание Skywire LTE CAT M1

Страница 1: ... and other errors may exist in this document NimbeLink reserves the right to modify or discontinue its products and to modify this and any other product documentation at any time All NimbeLink products are sold subject to its published Terms and Conditions subject to any separate terms agreed with its customers No warranty of any type is extended by publication of this documentation including but ...

Страница 2: ...ates 10 Certificate Uploading Using a Linux Environment 10 Certificate Uploading Using a Windows Environment 11 Verifying the Certificate Uploads 13 SSL Profile Configuration 14 Configure TCP IP Context 15 Connect to Amazon AWS 16 Opening an SSL Socket 16 Sending an HTTP Request 17 Reading an HTTP Response 18 Closing an SSL Socket 19 Working Examples 19 Initial Setup 19 Linux Certificate Upload 20...

Страница 3: ...PN 1001933 rev 2 NimbeLink Corp 2022 All rights reserved 3 HTTP Response Codes 27 403 Forbidden 27 400 Bad Request 27 Verify Credentials 27 Testing AWS Credentials using OpenSSL 27 ...

Страница 4: ...e the hostname in the server certificate 2 It does not validate X509v3 Extended Key Usage for the end certificate in the chain Because the SSL TLS stack does not validate the hostname the device will trust any host with a certificate signed by same global CA certificate authority if IP traffic is redirected to that server The module manufacturer is aware of these issues and is currently working on...

Страница 5: ...ree account please follow this link https aws amazon com free 2 2 Create a Policy The first step in the AWS connection process is to create a policy Login to the AWS IoT console at the following link https console aws amazon com iot and navigate to the Secure Policies menu Once there press the Create a policy button located near the center of the screen In the next page choose iot for the Action a...

Страница 6: ... 2022 All rights reserved 6 2 3 Create a Thing Next navigate to Manage Things using the menu on the left hand side of the dashboard Next select Create in the top right corner to make a new thing Refer to the image below for reference ...

Страница 7: ...eserved 7 After pressing the Create button select the Create a single thing option in the next page that loads In the following page enter a custom name in the appropriate box and then press the Next button The webpage should look something like this ...

Страница 8: ...d Download these certificates and save them in a convenient place Also be sure to download the Amazon AWS CA certificate as this will be needed for the TLS connection Next press the Activate button to assign the generated certificates to the thing Finally click Attach a policy to proceed to the next step Refer to the image below for reference Note The public and private key can only be downloaded ...

Страница 9: ...to the Thing After advancing to the next page attach the policy created in Section 2 2 to the thing created in Section 2 3 Refer to the image below as an example After each of the steps in Section 2 have been completed proceed to Section 3 for the Skywire configuration instructions ...

Страница 10: ...xt establish a connection to the modem using a preferred serial console Once the serial console has been setup properly issue the following command to read the contents of the modem s file system AT QFLST The terminal should respond with something similar to OK If the command returns the names of any files that currently exist on the file system it is recommended to delete them if they are not nee...

Страница 11: ... the contents of the certificate to the serial line which will then be stored in a file on the modem The serial line will respond with something similar to QFUPL 1758 384a Where 1758 is the number of bytes written and 384a is the checksum for the operation Repeat the four steps listed on the previous page until each of the three files have been uploaded Once the files are confirmed to have been up...

Страница 12: ... files cacert pem clientcert pem and clientkey pem so that they are quickly and easily distinguishable for later use 3 The serial terminal will respond with CONNECT and will wait for data to be entered This data will be entered using the Windows command prompt in step 4 4 First disconnect the serial terminal from the COM port that the modem is connected to Only one program can have access to the s...

Страница 13: ... QFOPEN cacert pem The terminal should respond with something similar to QFOPEN 1 Where cacert pem is replaced with the name of the file to be opened and 1 is the index in which the file was opened To read the contents of the opened file issue the following command AT QFREAD 1 Where 1 is replaced with the index that was listed in the response to the previous command The terminal will respond with ...

Страница 14: ... Configure the cipher suite AT QSSLCFG ciphersuite 1 0x0035 This command selects TLS_RSA_WITH_AES_256_CBC_SHA as the cipher suite used for the connection 2 Specify the paths to the certificates AT QSSLCFG cacert 1 ufs cacert pem AT QSSLCFG clientcert 1 ufs clientcert pem AT QSSLCFG clientkey 1 ufs clientkey pem Note Do not omit the ufs string in the filename If this is not included the certificate...

Страница 15: ...a TCP IP context must be defined To do so issue the following command replacing APN with the appropriate APN If using the QBG95 and Verizon as a carrier replace the red 1 with a 3 in the following commands thus using PDP context 3 for the data connection AT QICSGP 1 1 APN To ensure that the previous command was entered properly issue this command AT QICSGP 1 The modem should respond with something...

Страница 16: ... the thing that was created on the AWS website To do this navigate to the Things page using the menu on the left hand side of the AWS console page Click on the thing and then navigate to the Interact menu The correct menu should look something like this In the image above the URL for the device endpoint has been enclosed in a red rectangle Record whatever URL shows up in this page as it will be ne...

Страница 17: ...command to get more information about the error AT QIGETERROR The above command will return something similar to this QIGETERROR x error message Where x is replaced with the error code and error message is replaced with a relevant error message After the SSL socket has been successfully been opened Proceed to Section 4 2 4 2 Sending an HTTP Request After successfully opening an SSL socket use the ...

Страница 18: ...ng that the transmission succeeded Also note that the QSSLURC recv 1 URC indicates that an HTTP response was received Section 4 3 will detail how to read this response Another important item to note is the Content Length 115 line In this case the value of 115 indicates that 115 bytes of data are being sent through the socket This helps the endpoint know how many bytes to consider as data It is cru...

Страница 19: ... 5 Working Examples Section 5 contains two examples involving an HTTP POST and and HTTP GET operation involving the AWS cloud The certificate upload procedure will be demonstrated for both a Linux and a Windows environment however note that the remainder of the process after the certificate upload is identical for these two environments 5 1 Initial Setup This section details the configuration of t...

Страница 20: ...CONNECT cat VeriSign Class 3 Public Primary Certification Authority G5 pem dev ttyUSB0 QFUPL 1758 384a OK AT QFUPL ufs clientcert pem 1224 30 CONNECT cat 8da6fe87f3 certificate pem crt dev ttyUSB0 QFUPL 1224 7803 AT QFUPL ufs clientkey pem 1675 30 CONNECT cat 8da6fe87f3 private pem key dev ttyUSB0 QFUPL 1675 7c76 AT QFLST QFLST cacert pem 1758 QFLST clientcert pem 1224 QFLST clientkey pem 1675 OK ...

Страница 21: ...em 1758 30 CONNECT copy VeriSign Class 3 Public Primary Certification Authority G5 pem COM10 QFUPL 1758 384a OK AT QFUPL ufs clientcert pem 1224 30 CONNECT copy 8da6fe87f3 certificate pem COM10 QFUPL 1224 7803 AT QFUPL ufs clientkey pem 1675 30 CONNECT copy 8da6fe87f3 private pem key COM10 QFUPL 1675 7c76 AT QFLST QFLST cacert pem 1758 QFLST clientcert pem 1224 QFLST clientkey pem 1675 OK Once the...

Страница 22: ...cessfully uploaded configure the SSL profile AT QSSLCFG ciphersuite 1 0x0035 OK AT QSSLCFG sslversion 1 3 OK AT QSSLCFG cacert 1 ufs cacert pem OK AT QSSLCFG clientcert 1 ufs clientcert pem OK AT QSSLCFG clientkey 1 ufs clientkey pem OK AT QSSLCFG seclevel 1 2 OK AT QSSLCFG negotiatetime 1 300 OK AT QSSLCFG ignorelocaltime 1 0 OK ...

Страница 23: ...te APN AT QICSGP 1 1 APN OK AT QIACT 1 OK AT QIACT QIACT 1 1 1 100 xx yy zz OK Finally establish a connection with the AWS server AT QSSLOPEN 1 1 1 a272 amazonaws com 8443 0 OK QSSLOPEN 1 0 After completing the configuration steps proceed to either Section 5 2 or Section 5 3 for an HTTP POST example or an HTTP GET example respectively ...

Страница 24: ...HTTP 1 1 CTRL M CTRL J Host a272y7s3bxum89 iot us east 2 amazonaws com 8443 CTRL M CTRL J Content Type application json CTRL M CTRL J Content Length 115 CTRL M CTRL J CTRL M CTRL J state desired string1 TLS Connect to AWS string2 Using the built in stack string3 of the BG96 CTRL Z SEND OK QSSLURC recv 1 AT QSSLRECV 1 QSSLRECV 470 HTTP 1 1 200 OK content type application json content length 281 dat...

Страница 25: ...RL M CTRL J CTRL M CTRL J after the Content Length 115 line In other words insert two newline and carriage return sequences after this line Replace the AWS_TEST_THING identifier with the unique name assigned during the thing creation in Section 2 3 Replace the AWS endpoint a272 amazonaws com 8443 with the unique endpoint associated with the Amazon AWS account in use If the contents of the JSON are...

Страница 26: ...M CTRL J CTRL Z SEND OK QSSLURC recv 1 AT QSSLRECV 1 QSSLRECV 572 HTTP 1 1 200 OK content type application json content length 383 date Tue 24 Jul 2018 20 15 08 GMT x amzn RequestId d60d0ee6 0b59 7647 4aa6 b8d50ef05a84 connection keep alive state desired string1 TLS Connect to AWS string2 Using the built in stack string3 of the BG96 delta string1 TLS Connect to AWS string2 Using the built in stack...

Страница 27: ...nnection do not work OpenSSL can be used to check their validity This process is helpful for narrowing down the source of the connection issue 6 2 1 Testing AWS Credentials using OpenSSL To test credentials with OpenSSL first ensure that OpenSSL is properly installed on a Linux or Windows system Next navigate to the directory that contains the certificates that are being tested Issue the following...

Страница 28: ... respond with something similar to HTTP 1 1 200 OK content type application json content length 383 date Tue 24 Jul 2018 22 35 57 GMT x amzn RequestId 6ae1eb60 6910 9a7b e8b0 6c6d2904e239 connection keep alive state desired string1 TLS Connect to AWS string2 Using the built in stack string3 of the BG96 delta string1 TLS Connect to AWS string2 Using the built in stack string3 of the BG96 metadata d...

Отзывы:

Нет отзывов

Похожие инструкции для Skywire LTE CAT M1

Бренд: ZALMAN Страницы: 20

Бренд: 3xLogic Страницы: 2

Бренд: Magma Страницы: 2

Бренд: Magnadyne Страницы: 13

Бренд: NETGEAR Страницы: 169

Бренд: NA Страницы: 22

NI WLS/ENET-9163

Бренд: National Instruments Страницы: 36

Hotwire ATM Line Cards 8335

Бренд: Paradyne Страницы: 132

Бренд: ADS Technologies Страницы: 1

InnoMedia MTA 3328-2R

Бренд: VoiceLine Страницы: 18

LIQMAX III ELC-LMT120-ARGB

Бренд: ENERMAX Страницы: 32

Бренд: Xenteq Страницы: 16

Бренд: Maxtor Страницы: 2

Бренд: Hama Страницы: 25

Бренд: Infoblox Страницы: 16

IE-SW-PL09M-5GC-4GT

Бренд: Weidmuller Страницы: 15

Comet 3356P-LAN

Бренд: ZyXEL Communications Страницы: 38

Бренд: V-Count Страницы: 2

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды