Help Connecting Xbee Cellular to AWS console

Folks,
I have tried continuously for the past week to connect my Digi Xbee3 Cellular LTE-M to the AWS Console. I think my problem is with the SSL certificate that is causing the socket.connect function to time out - but that is just a guess. I have reviewed other posts with a similar issue and tried all the recommendations: (removing -ats from the host name; using the Symantec legacy certificate, using the Starfield certificate, using new aws certificates, etc.). I keep getting the following error when using the micropython test code (aws-https.py) found at https://github.com/digidotcom/xbee-micropython:

MicroPython v1.9.4-927-g7565eb7 on 2018-11-08; XBC LTE-M/NB-IoT Global with EFR32MG
Type “help()” for more information.
>>>
paste mode; Ctrl-C to cancel, Ctrl-D to finish
1=== import usocket, ussl, time, network
2=== host = b’a11y05y0u5faak’
3=== region = b’us-west-2’
4=== thing_name = b’SWR_TestSensor_1’
5=== aws_endpoint = b’%s.iot.%s.amazonaws.com’ % (host, region)
6=== ssl_params = {‘keyfile’: “/flash/cert/aws.key”,
7=== ‘certfile’: “/flash/cert/aws.crt”,
8=== ‘ca_certs’: “/flash/cert/cert.ca”}
9=== conn = network.Cellular()
10=== while not conn.isconnected():
11=== print(“waiting for network connection
”)
12=== time.sleep(4)
13=== print(“network connected”)
14=== def https_test(hostname=aws_endpoint, sslp=ssl_params):
15=== s = usocket.socket(usocket.AF_INET, usocket.SOCK_STREAM, usocket.IPPROTO_SEC)
16=== s.setblocking(False)
17=== w = ussl.wrap_socket(s, **ssl_params)
18=== print(“connecting
”)
19=== w.connect((hostname, 8443))
20=== print(“connected”)
21=== print(“sending request”)
22=== w.write(b’GET /things/%s/shadow HTTP/1.0
Host: %s

’ % (thing_name, hostname))
23=== print(“waiting for data
”)
24=== while True:
25=== data = w.read(1024)
26=== if data:
27=== print(str(data, ‘utf-8’))
28=== break
29=== w.close()
30=== print(“DONE”)
31=== https_test()
32===
network connected
Traceback (most recent call last):
File “”, line 31, in
File “”, line 17, in https_test

Likewise, I get the following error codes when using the same source for testing an mqtt connection (aws-publish.py):

MicroPython v1.9.4-927-g7565eb7 on 2018-11-08; XBC LTE-M/NB-IoT Global with EFR32MG
Type “help()” for more information.
>>>
paste mode; Ctrl-C to cancel, Ctrl-D to finish
1=== from umqtt.simple import MQTTClient
2=== import time, network
3=== host = b’a11y05y0u5faak’
4=== region = b’us-west-2’
5=== aws_endpoint = b’%s.iot.%s.amazonaws.com’ % (host, region)
6=== ssl_params = {‘keyfile’: “/flash/cert/aws.key”,
7=== ‘certfile’: “/flash/cert/aws.crt”,
8=== ‘ca_certs’: “/flash/cert/aws.ca”}
9=== conn = network.Cellular()
10=== while not conn.isconnected():
11=== print(“waiting for network connection
”)
12=== time.sleep(4)
13=== print(“network connected”)
14=== def publish_test(clientId=“SWR_TestSensor_1”, hostname=aws_endpoint, sslp=ssl_params):
15=== c = MQTTClient(clientId, aws_endpoint, ssl=True, ssl_params=sslp)
16=== print(“connecting
”)
17=== c.connect()
18=== print(“connected”)
19=== print(“publishing message
”)
20=== c.publish(“sample/xbee”, ‘{“message”: “AWS Sample Message”}’)
21=== print(“published”)
22=== c.disconnect()
23=== print(“DONE”)
24=== publish_test()
network connected
connecting

Traceback (most recent call last):
File “”, line 24, in
File “”, line 17, in publish_test
File “/flash/lib/umqtt/simple.py”, line 72, in connect
OSError: [Errno 7005] EIO

I am new to using certificates but it seems to be where the problem is. Has anyone experienced similar issues and can provide some guidance? Or is there something in my code that doesn’t look quite right? Thanks in advance!

Jon

Please ensure on the AWS IoT core that your thing you wish to connect has an ACTIVE certificate with a sufficiently permissive policy.

Go to the IoT core -> things (select your thing) -> security (select your certificate) -> actions (top right) and ensure it is active.

1 Like

first off, you should edit your post and delete your AWS endpoint info.

Next, here’s what I used:

Copyright (c) 2019, Digi International, Inc.

Permission is hereby granted, free of charge, to any person obtaining a copy

of this software and associated documentation files (the “Software”), to deal

in the Software without restriction, including without limitation the rights

to use, copy, modify, merge, publish, distribute, sublicense, and/or sell

copies of the Software, and to permit persons to whom the Software is

furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in

all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR

IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,

FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE

AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER

LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,

OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE

SOFTWARE.

#this code worked on 2020 05 02
from umqtt.simple import MQTTClient
import network
import time

AWS endpoint parameters.

AWS endpoint parameters.

TODO: replace with your account values.

HOST = b’YOUR HOST HERE’ # ex: b’abcdefg1234567’

REGION = b’us-east-1’ # ex: b’us-east-1’
THING_NAME = b’XBEE-1’ # ex: b’IMEI_12345’
CLIENT_ID = “YOUR ID HERE”
AWS_ENDPOINT = b’%s.iot.%s.amazonaws.com’ % (HOST, REGION)

SSL certificates.

SSL_PARAMS = {‘keyfile’: “/flash/cert/aws.key”,
‘certfile’: “/flash/cert/aws.crt”,
‘ca_certs’: “/flash/cert/verisign-CA.crt”}

TOPIC = “sensorMessages”
MESSAGE = “AWS Sample Message”

def publish_test(client_id=CLIENT_ID, hostname=AWS_ENDPOINT, sslp=SSL_PARAMS):
“”"
Connects to AWS, publishes a message and disconnects.

:param client_id: Unique identifier for the device connected.
:param hostname: AWS hostname to connect to.
:param sslp: SSL certificate parameters.
"""

# Connect to AWS.
client = MQTTClient(client_id, hostname, ssl=True, ssl_params=sslp)
print("- Connecting to AWS... ", end="")
client.connect()
print("[OK]")
# Publish message.
print("- Publishing message... ", end="")
client.publish(TOPIC, '{"message": "%s"}' % MESSAGE)
print("[OK]")
# Disconnect.
client.disconnect()
print("- Done")

print(" ±------------------------------------+“)
print(” | XBee MicroPython AWS Publish Sample |“)
print(” ±------------------------------------+
")

conn = network.Cellular()

print(“- Waiting for the module to be connected to the cellular network
 “,
end=””)
while not conn.isconnected():
time.sleep(5)
print(“[OK]”)

publish_test()

Make sure to use the VERISIGN certificate. Make sure you can ping an address of some kind and you’re connected to the internet. Make sure you have the right certs on your device, the easiest way is to create a thing and download them. Make sure you’ve got all of the certs named properly. Make sure you’ve given permissions to iot*. And most of all, don’t feel bad, this seems to be a common struggle for everyone getting started. Good luck!