Go Down

Topic: No AWS IoT library / examples? (Read 1 time) previous topic - next topic

tmp2k

So Arduino has teamed up with Amazon and they are running a competition for an Alexa smart home skill using Arduino.

So surely the obvious choice for this is the MKR1000 + AWS IoT?

Yet I can only find Yun libraries and examples for AWS IoT. The MKR1000 WiFi has an ECC508 onboard so surely it's aimed at services just like ASW IoT?

I just can't find any guides on how to connect to AWS IoT using certificates and read/publish data, or am I missing something?

ballscrewbob

Installing certificates is covered with the MKR1000.

The "WiFi101 Firmware Updater" option in the IDE will show the box for installing certificates.
Be aware that there is limited space for them so you cannot simply throw a lot in there.

As fort AWS Google is your friend


That should give you a good start.

 
It may not be the answer you were looking for but its the one I am giving based on either experience, educated guess, google or the fact that you gave nothing to go with in the first place so I used my wonky crystal ball.

tmp2k

#2
Feb 06, 2018, 12:16 am Last Edit: Feb 06, 2018, 01:33 pm by tmp2k
I've spent a lot of time searching google. There are several people with the same query but no real answers other than a brief mention of the firmware updater and "try google".

I could be wrong here as I've only got Google search results as reference but doesn't that just add root/CA certs to be used for TLS comms?

What I'm trying to do is communicate using an MQTT client based on the WiFi client using certificate-based authentication.

e.g.
Code: [Select]

char* rootCABuff =   .....
char* certificateBuff = ....
char* privateKeyBuff = ....

wifiClient.setRootCA((unsigned char*)rootCABuff);
wifiClient.setClientCertificate((unsigned char*)certificateBuff, (unsigned char*)privateKeyBuff);
client.setServer(mqttServer, 8883);
client.setCallback(callback);


(full example here https://github.com/Ameba8195/Arduino/blob/master/hardware_v2/libraries/MQTTClient/examples/amazon_awsiot_basic/amazon_awsiot_basic.ino)


This example uses wifi.h  which has 2 methods setRootCA and setClientCertificate  and these methods don't exist in wifi101.h  (the lib the mkr1000 uses)

So I can make this sketch work if I use a different wifi shield and lib, but not with a MKR1000.

The answer is that certificate-based auth needs adding to the wifi101 lib but this is a little beyond my C++ knowledge. I'm sure I could figure it out but surely this would be an easy job for someone familiar with C++?

I'm also confused as to why Arduino are doing a lot of cross-promotion with Amazon AWS IoT when the only board that they have provided a working SDK for (or even just a lib) is the Yun. 

The MKR1000 seems perfect for IoT, its clearly been designed for the job, so why leave out a bit of functionality that allows it to work with AWS IoT and then promote it as the ideal solution?

BTW, I can get everything working perfectly with https://shiftr.io/ instead of AWS IoT as shiftr uses user/pass auth instead of TLS certs.

ballscrewbob

#3
Feb 06, 2018, 07:01 am Last Edit: Feb 06, 2018, 07:01 am by ballscrewbob
It is via the firmware updater section that you get to the CERTIFICATES section.

It may not be the answer you were looking for but its the one I am giving based on either experience, educated guess, google or the fact that you gave nothing to go with in the first place so I used my wonky crystal ball.

tmp2k

Yes, I understand that but that doesn't have anything to do with the question I'm asking.

How do I setup a client using cert-based auth when wifi101.h doesn't support setClientCertificate?

Are you saying I just add the root CA, the private/public client certs and it somehow knows which ones to use?  How do I tell the client to used cert-based auth for a particular connection?

tmp2k

Quote
you may load root certificates on the WiFi module to access securely specific websites.
https://www.arduino.cc/en/Tutorial/FirmwareUpdater

I've read through this page and there's no mention of adding certs for cert-based auth. It's just for adding root CAs.

I've also read through the docs for wifi101 https://www.arduino.cc/en/Tutorial/FirmwareUpdater and I can't see any information for setting up a client with cert-base auth, or how to add client certs / private keys.

tmp2k

After much research the MRK1000 will not work with AWS IoT due to the Amtel chip not supporting setting of certificate-based authentication at runtime, so it's not even possible to update the WiFi101 lib to support this.

See here...    https://github.com/arduino-libraries/WiFi101/issues/217

Go Up