ERROR: MQTT echo failed to connect with error 1. on STM32L4

webcow wrote on December 09, 2018:

Hi there,
I play around with the STM32L475 MUC Discovery Kit. I followed through the AWS instructions (https://docs.aws.amazon.com/freertos/latest/userguide/getting_started_st.html) and prerequisites. (https://docs.aws.amazon.com/freertos/latest/userguide/freertos-prereqs.html). And after some googling I am still not smarter.

Here is my output of the terminal:

0 521 [Tmr Svc] WiFi module initialized.
1 532 [Tmr Svc] Write code signing certificate…
2 543 [Tmr Svc] Key provisioning done…
3 3513 [Tmr Svc] WiFi connected to AP aristotle.
4 3517 [Tmr Svc] IP Address acquired 192.168.19.57
5 3522 [Tmr Svc] WiFi firmware version is: C3.5.2.5
6 3527 [Tmr Svc] WiFi firmware is up-to-date.
7 3531 [Tmr Svc] Creating MQTT Echo Task…
8 3535 [MQTTEcho] MQTT echo attempting to connect to <>-ats.iot.eu-central-1.amazonaws.com.
9 3591 [MQTTEcho] ERROR: MQTT echo failed to connect with error 1.
10 3597 [MQTTEcho] MQTT echo test could not connect to broker.
11 3602 [MQTTEcho] MQTT echo demo finished.
12 3606 [MQTTEcho] ----Demo finished----

The build worked fine and so the debugger. I double checked the account name and if all resources are in the same region.

I checked the certificates and the policy attached to the certificate which is attached to my thing. The certificate is active.

My policy looks like this:

{
“Version”: “2012-10-17”,
“Statement”: [
{
“Effect”: “Allow”,
“Action”: “iot:Connect”,
“Resource”: “arn:aws:iot:eu-central-1:<>:*”
},
{
“Effect”: “Allow”,
“Action”: “iot:Publish”,
“Resource”: “arn:aws:iot:eu-central-1:<>:topic/freertos/demos/echo”
},
{
“Effect”: “Allow”,
“Action”: “iot:Subscribe”,
“Resource”: “arn:aws:iot:eu-central-1:<>:topicfilter/freertos/demos/echo”
},
{
“Effect”: “Allow”,
“Action”: “iot:Receive”,
“Resource”: “arn:aws:iot:eu-central-1:<>:topic/freertos/demos/echo”
}
]
}

I tried different variants but all with the same result.

Any help is appreciated. I am now trying to look into the logs of the Cloud Watch but don’t expect to find anything.

Best wishes,

Gaurav-Aggarwal-AWS wrote on December 10, 2018:

Looking at the following log, it seems that your endpoint is not correct (unless you knowingly removed prefix.):
MQTT echo attempting to connect to -ats.iot.eu-central-1.amazonaws.com

You can use describe-endpoint API to get your endpoint: https://docs.aws.amazon.com/cli/latest/reference/iot/describe-endpoint.html

Would you please change your policy to match as mentioned here: https://docs.aws.amazon.com/freertos/latest/userguide/freertos-prereqs.html

Thanks.

jacksocket wrote on December 10, 2018:

Hi there,
I have exactly the same problem. I created a new thing more than once and followed the instructions exactly. But it doesn´t work with the B-L475-IOT01A1 board. I received the same error message like webcow. When I use a Raspberry Pi instead of the ST-Board it works. So I think, it´s not an issue of the endpoint. What can I do to get it work with the ST-Board? Thanks in advance.

Gaurav-Aggarwal-AWS wrote on December 10, 2018:

Would you please share your logs too?

In order to check whether you are failing to establish a successful TLS connection or MQTT connect is getting rejected, would you please check the return value of the function prvSetupConnection: https://github.com/aws/amazon-freertos/blob/master/lib/mqtt/aws_mqtt_agent.c#L853

Thanks.

jacksocket wrote on December 11, 2018:

Hello,
my log is as follows:

0 521 [Tmr Svc] WiFi module initialized.
1 532 [Tmr Svc] Write code signing certificate…
2 543 [Tmr Svc] Key provisioning done…
3 3533 [Tmr Svc] WiFi connected to AP lrgast.
4 3537 [Tmr Svc] IP Address acquired 192.168.40.188
5 3542 [Tmr Svc] WiFi firmware version is: C3.5.2.5
6 3547 [Tmr Svc] WiFi firmware is up-to-date.
7 3551 [Tmr Svc] Creating MQTT Echo Task…
8 3555 [MQTTEcho] MQTT echo attempting to connect to a************u-ats.iot.eu-central-1.amazonaws.com.
9 3596 [MQTTEcho] ERROR: MQTT echo failed to connect with error 1.
10 3602 [MQTTEcho] MQTT echo test could not connect to broker.
11 3608 [MQTTEcho] MQTT echo demo finished.
12 3612 [MQTTEcho] ----Demo finished----

{
“Version”: “2012-10-17”,
“Statement”: [
{
“Effect”: “Allow”,
“Action”: “iot:Connect”,
“Resource”: “arn:aws:iot:eu-central-1:49:"
},
{
“Effect”: “Allow”,
“Action”: “iot:Publish”,
“Resource”: "arn:aws:iot:eu-central-1:4
9:
},
{
“Effect”: “Allow”,
“Action”: “iot:Subscribe”,
“Resource”: “arn:aws:iot:eu-central-1:49:"
},
{
“Effect”: “Allow”,
“Action”: “iot:Receive”,
“Resource”: "arn:aws:iot:eu-central-1:4
9:
}
]
}

The return value of the function prvSetupConnection is 0.
By the way, I´ve found out that the definition clientcredentialIOT_THING_NAME in aws_clientcredential.h isn´t used anywere in the projekt. Is that correct?
Thanks in advance for your answer

webcow wrote on December 11, 2018:

Hi,
No. This I did on purpose. My endpoint is a2faf2zywek5lt-ats.iot.eu-central-1.amazonaws.com
and I double checked that it is correct.

But well observed :wink:

Best,

webcow wrote on December 11, 2018:

Sorry. I know this is a stupid question. But how do I check that?

Gaurav-Aggarwal-AWS wrote on December 11, 2018:

I tried to use this demo on STM32L4 in eu-central-1 and I was able to successfully run it.

The return value of zero from prvSetupConnection means that you are failing to establish a TLS connection. Are you using the latest Amazon FreeRTOS version? I see that you are using ATS enspoint and therefore you need to use the latest version 1.4.4.

Thanks.

Gaurav-Aggarwal-AWS wrote on December 11, 2018:

Assuming that you are asking about how to check the Amazon FreeRTOS version, you can check the chanelog file: https://github.com/aws/amazon-freertos/blob/master/CHANGELOG.md

Thanks.

jacksocket wrote on December 13, 2018:

Hello,
I already used the latest version 1.4.4.

Gaurav-Aggarwal-AWS wrote on December 13, 2018:

At this point I am not sure what might be going wrong with your setup. Would you be willing to setup a remote debugging session so that we can help you better?

Thanks.

Gaurav-Aggarwal-AWS wrote on December 17, 2018:

  1. The endpoint string is complete and you do not need any prefix.
  2. You are right, the thing name is not used in the MQTT Hello World demo but it is used in various other demos as you can see here: https://github.com/aws/amazon-freertos/search?q=clientcredentialIOT_THING_NAME&unscoped_q=clientcredentialIOT_THING_NAME
  3. Are you setting the clientcredentialWIFI_SECURITY correctly for your AP: https://github.com/aws/amazon-freertos/blob/master/demos/common/include/aws_clientcredential.h#L71
    It may also be an issue with the signal strength. You can use the WIFI_Scan API to check what access points are visible to the WiFi module: https://github.com/aws/amazon-freertos/blob/master/lib/include/aws_wifi.h#L404

Thanks.

jacksocket wrote on December 17, 2018:

For a remote session I need a permit from my company. But I think it will be basicly possible. However, I still have questions regarding aws_clientcredential.h:

/*

  • MQTT Broker endpoint.
    /
    static const char clientcredentialMQTT_BROKER_ENDPOINT[] = "a3f
    ******po0u-ats.iot.eu-central-1.amazonaws.com";
    Is there a prefix or suffix needed to define the broker endpoint, or is the string complete (except for the asterisk)?

/* Use of a “define” and not a “static const” here to be able to

  • use pre-compile concatenation on the string. */
    #define clientcredentialIOT_THING_NAME “StmNode1”
    I´ve put the name of my thing here but I cannot find any location in the source code where this definition is used. Is that correct?

/*

  • Wi-Fi network to join.
    */
    #define clientcredentialWIFI_SSID “AndroidAP”

/*

  • Password needed to join Wi-Fi network.
    /
    #define clientcredentialWIFI_PASSWORD "ix
    ***14"
    I tried different WLAN hotspots without any success.

Thanks.

jacksocket wrote on December 18, 2018:

Hello,
I´ve make some investigations in the source code and found an issue in es_wifi.c. In line 2360f is the following code:

/* Set the credential set to use. /
sprintf( ( char
)( Obj->CmdData ),“PF=%d,%d\r”, credsFunction, credSet );
ret = AT_ExecuteCommand( Obj, Obj->CmdData, Obj->CmdData );

The return value after execution is ‘ES_WIFI_STATUS_UNEXPECTED_CLOSED_SOCKET’ and the return value from the WIFI module in the data buffer is '\r
\r
ERROR\r

The reason for this is an incorrect value sent to the WIFI module with the ‘PF’ command. creSet has the value 3. According to the documentation of the WIFI module, the value must not be greater than 2.

When I remove the predifined symbol ‘USE_OFFLOAD_SSL’ the demo works, because this code section is not executed.
Thanks.

Gaurav-Aggarwal-AWS wrote on December 18, 2018:

Thank you for doing the investigation. PF=3 is a special feature for STM Discovery board.

It seems that you do not have the correct firmware burnt to the WiFi module. Did you download the ISM43362-M3G-L44-SPI-C3.5.2.5.STM binary from here: https://www.inventeksys.com/iwin/firmware/. Note the “.STM” at the end. It is the third download link on the web page and not the second one.

You can find full instructions to update the WiFi module’s firmware in the readme.txt included in the updater: https://www.st.com/resource/en/utilities/inventek_fw_updater.zip

We recommend to offload SSL to the WiFi module (i.e. define USE_OFFLOAD_SSL) for better performance and less memory footprint.

Thanks.

jacksocket wrote on December 20, 2018:

To update the WIFI module I followed the download link on the german ‘getting_started_st.html’ website. In the zip file there was a file named ISM43362_M3G_L44_SPI_C3.5.2.5.STM.bin but obviously it was not the right one. After renewed update of the module everything works fine now.
Thank you for your support.

Gaurav-Aggarwal-AWS wrote on December 20, 2018:

I am glad that it worked for you. I’ll pass the incorrect link feedback to our documentation team to get it corrected.

Thanks.