Home/Support/Support Forum/can't connect to aws
Welcome to Digi Forum, where you can ask questions and receive answers from other members of the community.

can't connect to aws

0 votes
Hello,
I am trying to connect a XBee3 Cellular LTE Cat1 A&T radio to AWS.
I am using the dev kit.
I am able to confirm connection on the PC using the example code on page 64 of the Digi MicroPython Programming guide.

But when I try the example on page 65 or the aws-https.py example on https://github.com/digidotcom/xbee-micropython/blob/master/samples/cellular/aws/aws-https.py, I keep getting the following error:

Traceback (most recent call last):
File "<stdin>", line 37, in <module>
File "<stdin>", line 24, in https_test
OSError: [Errno 7005] EIO

Below is the MicroPython Terminal output.

Please help. I have spent many hours on this problem and it seems to be an issue on the Forums.

soft reboot

MicroPython v1.9.4-797-g4361c12 on 2018-09-20; XBC LTE-M/NB-IoT Global with EFR32MG
Type "help()" for more information.
>>>
paste mode; Ctrl-C to cancel, Ctrl-D to finish
1=== import usocket, ussl, time, network
2===
3=== # AWS endpoint parameters
4=== host = b'a3pzb3h0tgvmya-ats'
5=== region = b'us-west-2'
6=== thing_name = b'123456' #ex: b'IMEI_12345'
7===
8=== aws_endpoint = b'%s.iot.%s.amazonaws.com' % (host, region)
9=== ssl_params = {'keyfile': "/flash/cert/aws.key",
10=== 'certfile': "/flash/cert/aws.crt",
11=== 'ca_certs': "/flash/cert/aws.ca"} # ssl certs
12===
13=== conn = network.Cellular()
14=== while not conn.isconnected():
15=== print("waiting for network connection...")
16=== time.sleep(4)
17=== print("network connected")
18===
19=== def https_test(hostname=aws_endpoint, sslp=ssl_params):
20=== s = usocket.socket(usocket.AF_INET, usocket.SOCK_STREAM, usocket.IPPROTO_SEC)
21=== s.setblocking(False)
22=== w = ussl.wrap_socket(s, **ssl_params)
23=== print("connecting...")
24=== w.connect((hostname, 8443))
25=== print("connected")
26=== print("sending request")
27=== w.write(b'GET /things/%s/shadow HTTP/1.0\r\nHost: %s\r\n\r\n' % (thing_name, hostname))
28=== print("waiting for data...")
29=== while True:
30=== data = w.read(1024)
31=== if data:
32=== print(str(data, 'utf-8'))
33=== break
34=== w.close()
35=== print("DONE")
36===
37=== https_test()
38===
network connected
connecting...
Traceback (most recent call last):
File "<stdin>", line 37, in <module>
File "<stdin>", line 24, in https_test
OSError: [Errno 7005] EIO

>>>
>>>
asked Nov 12, 2018 in Digi Connect Cellular by bradstew New to the Community (0 points)
I just wanted to chime in here to say that I'm experiencing problems similar to the two posters on this thread. In my case, I was able to successfully test the AWS IOT connection through port 8443, but attempting to connect to the AWS MQTT broker through port 8883 using the same credentials results in the ECONNREFUSED error. I should also mention that I am able to successfully connect to the MQTT broker using the Node-Red tool on my PC with the same credentials, so the problem seems to be limited to connections through the XBee modem.

Please log in or register to answer this question.

3 Answers

0 votes
Try replacing your "aws.ca" file with the "Amazon Root CA 1" file here: https://docs.aws.amazon.com/iot/latest/developerguide/managing-device-certs.html

The current version of the MicroPython Programming Guide instructs you to download the Symantec certificate. As mentioned on that AWS documentation page, Amazon have switched to using their own root certificates and Amazon Trust Services (ATS - hence the "-ats" in the endpoint variable).

The programming guide has been updated to reflect the use of ATS (when the instructions were originally written, AWS IoT did not use ATS) and the new version will be available soon.
answered Nov 14, 2018 by tckr Seasoned Professional (230 points)
0 votes
Having same issue with CA 1 file.

Any ideas?

aws_http_pc.py returns fine.
answered Nov 16, 2018 by jmcchristian New to the Community (1 point)
reshown May 13 by michaelt
0 votes
I've tried replacing the trust certificate with both the RSA 2048 bit key ( https://www.amazontrust.com/repository/AmazonRootCA1.pem ) and the RSA 4096 bit key ( https://www.amazontrust.com/repository/AmazonRootCA2.pem ) and I receive a similar error:

Traceback (most recent call last):
File "<stdin>", line 17, in <module>
OSError: [Errno 7111] ECONNREFUSED
answered Nov 26, 2018 by tylerkoldenjtp New to the Community (8 points)
Have you gotten anywhere with trying to connect?
Remove the '-ats' (in host0 from the url endpoint  That fixed it for me.
...