Transcription
SARA-R410M/SARA-R412MAT command connect to AWS IoT coreApplication noteAbstractThis document provides examples of how to use AT commands to connect the AWS IoT service withu-blox SARA-R410M / SAR-R412M.UBX-20010011 - R02C1-Publicwww.u-blox.com
SARA-R410M/SARA-R412M - Application noteDocument informationTitleSARA-R410M/SARA-R412MSubtitleAT command connect to AWS IoT coreDocument typeApplication noteDocument numberUBX-20010011Revision and dateR02Disclosure restrictionC1-Public29-Mar-2021Product statusCorresponding content statusFunctional sampleDraftFor functional testing. Revised and supplementary data will be published later.In development /PrototypeObjective specificationTarget values. Revised and supplementary data will be published later.Engineering sampleAdvance informationData based on early testing. Revised and supplementary data will be published later.Initial productionEarly production informationData from product verification. Revised and supplementary data may be published later.Mass production /End of lifeProduction informationDocument contains the final product specification.This document applies to the following products:Product nameSARA-R410MSARA-R412Mu-blox or third parties may hold intellectual property rights in the products, names, logos and designs included in thisdocument. Copying, reproduction, modification or disclosure to third parties of this document or any part thereof is onlypermitted with the express written permission of u-blox.The information contained herein is provided “as is” and u-blox assumes no liability for its use. No warranty, either express orimplied, is given, including but not limited to, with respect to the accuracy, correctness, reliability and fitness for a particularpurpose of the information. This document may be revised by u-blox at any time without notice. For the most recentdocuments, visit www.u-blox.com.Copyright u-blox AG.UBX-20010011 - R02C1-PublicDocument informationPage 2 of 12
SARA-R410M/SARA-R412M - Application noteContentsDocument information . 2Contents . 31Steps for getting started with AWS IoT . 41.1 Store certifications in module flash . 41.1.1Check the file size . 41.1.2Use terminal software to write the file in the module . 41.1.3File stored successfully . 51.1.4Stored the 3 files in the module flash . 51.2 Check CA, CC, and PK in file system . 51.3 Import CA, CC, and PK from a file store on file system . 51.4 Enable HEX mode and set security profile . 51.5 Create TCP socket and connect to AWS IoT with SSL enable . 62Send MQTT message from module to AWS IoT core. 72.1 Subscribe to a topic and receive a message from AWS IoT core . 72.2 Publish message to AWS IoT core . 73Using AWS IoT device shadow . 83.1 Update the contents of a device shadow . 93.2 Subscribe and retrieve the latest state stored in device shadow . 9Appendix . 10AHow to convert ASCII to HEX . 10Related documentation . 11Revision history . 11Contact . 12UBX-20010011 - R02C1-PublicContentsPage 3 of 12
SARA-R410M/SARA-R412M - Application note1Steps for getting started with AWS IoTTo get started with AWS IoT service, follow the steps shown on the AWS eloperguide/iot-gs.htmlYou can also get an AWS IoT certification, though currently only a legacy certification is eveloperguide/create-device-certificate.htmlFor more details on AT commands, see SARA-R4 AT commands manual [2]. Due to AWS's continuous evolution, some information provided in this document can be not up todate.1.1 Store certifications in module flashAfter downloading the CA, CC, and PK from AWS, store them in the module via AT commands. Hereare the steps to download files to the module’s flash memory:1.1.1Check the file size1.1.2Use terminal software to write the file in the moduleIn the following example TeraTerm is used to write CA, CC, and PK in the module. After character " "choose File tab- Send file- Select "aws legacy ca.pem"UBX-20010011 - R02C1-PublicSteps for getting started with AWS IoTPage 4 of 12
SARA-R410M/SARA-R412M - Application note1.1.3File stored successfully1.1.4Stored the 3 files in the module flashRepeat steps 1.1.1 - 1.1.3 to download the other files "383847e4d4-certificate.pem.crt" and"383847e4d4-private.pem.key".1.2 Check CA, CC, and PK in file systemCommandResponseDescriptionAT ULSTFILE 2,"aws legacy ca.pem" ULSTFILE: 1188OKCA availability in the module.AT ULSTFILE 2,"383847e4d4certificate.pem.crt" ULSTFILE: 1224OKCC availability in the module.AT ULSTFILE 2,"383847e4d4private.pem.key" ULSTFILE: 1679OKPK availability in the module1.3 Import CA, CC, and PK from a file store on file systemCommandResponseDescriptionAT USECMNG 1,0,"aws legacy ca.pem USECMNG: 1,0,"aws legacy ca.pem", Import CA.","aws legacy ca.pem""CB17E431673EE209FE455793F30AFA1C"OKAT USECMNG 1,1,"383847e4d4 USECMNG: 1,1,"383847e4d4Import CC.certificate.pem.crt","383847e4d4- crt"0124E3D7F96F904D7084"OK USECMNG: 1,2,"383847e4d4Import F29"OKAT USECMNG .pem.key"1.4 Enable HEX mode and set security profileCommandResponseDescriptionAT UDCONF 1,1OKEnable the HEX mode.AT USECPRF 0,0,1OKSet the certificate validation level 1.AT USECPRF 0,1,0OKSet the TLS version to any.AT USECPRF 0,2,0OKSet automatic the cipher suite.AT USECPRF 0,3,"aws legacy ca.pem"OKSet the trusted root certificate internal name.AT USECPRF 0,5,"383847e4d4-certificate. OKpem.crt"Set the client certificate internal name.AT USECPRF 0,6,"383847e4d4-private.pem. OKkey"Set the client certificate internal name.UBX-20010011 - R02C1-PublicSteps for getting started with AWS IoTPage 5 of 12
SARA-R410M/SARA-R412M - Application noteCommandAT USECPRF 0,10,"northeast-1.amazonaws.com ".iot.ap-ResponseDescriptionOKSet the Server Name Indication. SNI is a feature of SSL/TLS which uses anadditional SSL/TLS extension header tospecify the server name to which the clientis connecting to. SNI configuration may berequired to support the certificatehandling used with virtual hosting providedby the various SSL/TLS enabled serversmostly in cloud-based infrastructures.1.5 Create TCP socket and connect to AWS IoT with SSL enableUse the COPS read command to check the network registrations status.After the device has been registered to the network, create a TCP socket to connect with.To get AWS end point, follow the steps on the website:CommandResponseDescriptionAT USOCR 6 USOCR: 0OKCreate TCP socket.AT USOSEC 0,1,0OKEnable SSL/TLS connection on a TCPsocket.AT USOCO 0,".iot.ap- OKnortheast-1.amazonaws.com",8883Connect to AWS IoT server by ATcommand. To get the end point, it should be on AWS account Settings Endpoint. It should delete "-ats"because currently only legacy certification can be supported. AWS IoT Core is currently supported using the legacy root CA certificate in a limited number ofAWS regions. For the list of supported AWS region visit the following 010011 - R02C1-PublicSteps for getting started with AWS IoTPage 6 of 12
SARA-R410M/SARA-R412M - Application note2Send MQTT message from module to AWSIoT coreMQTT messages require conversion from ASCII to hexadecimal format. The arguments for thesemessages include the MQTT topic and payload. The messages have been created by the AWS IoTSDK. For more details, see the website for AWS IoT perguide/iot-sdks.htmlThe examples here are using Python.Connect the end point with default connection header, Client ID, and protocol.ASCII messageMQTT Test ?SDK Python&Version 1.4.7HEX 342e37AT commandAT USOWR 342e37"2.1 Subscribe to a topic and receive a message from AWS IoTcoreSubscribe topic: iotdemo/pub/1ASCII messageiotdemo/pub/1HEX number82120001000d696f7464656d6f2f7075622f3101AT commandAT USOWR .2 Publish message to AWS IoT corePublish message: iotdemo/pub/1{"message": "helloworld", "sequence": 0} ASCII messageiotdemo/pub/1{"message": "helloworld", "sequence": 0}HEX 657175656e6365223a20307dAT commandAT USOWR 657175656e6365223a20307d"For more details about the conversion from ASCII to HEX format, see appendix A.UBX-20010011 - R02C1-PublicSend MQTT message from module to AWS IoT corePage 7 of 12
SARA-R410M/SARA-R412M - Application note3Using AWS IoT device shadowWhen AWS IoT Core registers a thing, a shadow can be used to interact with the device. For moredetails, erguide/device-shadow-data-flow.htmlExample: When you register “ublox sara r401m” as a thing, then its reversed MQTT topic for shadowwould be:UBX-20010011 - R02C1-PublicUsing AWS IoT device shadowPage 8 of 12
SARA-R410M/SARA-R412M - Application note3.1 Update the contents of a device shadowBoot up the device and issue the USOWR AT command to publish updates to shadow service fromthe u-blox cellular module.3.2 Subscribe and retrieve the latest state stored in deviceshadowBoot up the device and issue the USOWR AT command to subscribe to a shadow topic from theshadow service, and then use “AT USORD” to receive subscribed shadow message. As described in section 2, convert ASCII to HEX. See appendix A for information about how toconvert from ASCII to HEX.UBX-20010011 - R02C1-PublicUsing AWS IoT device shadowPage 9 of 12
SARA-R410M/SARA-R412M - Application noteAppendixA How to convert ASCII to HEXYou can use this website tool to convert ASCII to ii-to-hex.htmlUBX-20010011 - R02C1-PublicAppendixPage 10 of 12
SARA-R410M/SARA-R412M - Application noteRelated documentation[1][2][3] u-blox SARA-R4 series data sheet, UBX-16024152u-blox SARA-R4 series AT commands manual, UBX-17003787u-blox SARA-R4 series system integration manual, UBX-16029218For regular updates to u-blox documentation and to receive product change notifications, registeron our homepage (www.u-blox.com).Revision nitial releaseR0229-Mar-2021alosGeneric formal improvementsUBX-20010011 - R02C1-PublicRelated documentationPage 11 of 12
SARA-R410M/SARA-R412M - Application noteContactFor complete contact information, visit us at www.u-blox.com.u-blox OfficesNorth, Central and South Americau-blox America, Inc.Phone:E-mail: 1 703 483 3180info us@u-blox.comRegional Office West Coast:Phone:E-mail: 1 408 573 3640info us@u-blox.comHeadquartersEurope, Middle East, AfricaAsia, Australia, Pacificu-blox AGPhone: 65 6734 3811E-mail: info ap@u-blox.comSupport: support ap@u-blox.comPhone: 41 44 722 74 44E-mail: info@u-blox.comSupport: support@u-blox.comRegional Office Australia:Phone: 61 3 9566 7255E-mail: info anz@u-blox.comSupport: support ap@u-blox.comTechnical Support:Phone:E-mail:u-blox Singapore Pte. Ltd. 1 703 483 3185support@u-blox.comRegional Office China (Beijing):Phone: 86 10 68 133 545E-mail: info cn@u-blox.comSupport: support cn@u-blox.comRegional Office China (Chongqing):Phone: 86 23 6815 1588E-mail: info cn@u-blox.comSupport: support cn@u-blox.comRegional Office China (Shanghai):Phone: 86 21 6090 4832E-mail: info cn@u-blox.comSupport: support cn@u-blox.comRegional Office China (Shenzhen):Phone: 86 755 8627 1083E-mail: info cn@u-blox.comSupport: support cn@u-blox.comRegional Office India:Phone: 91 80 405 092 00E-mail: info in@u-blox.comSupport: support in@u-blox.comRegional Office Japan (Osaka):Phone: 81 6 6941 3660E-mail: info jp@u-blox.comSupport: support jp@u-blox.comRegional Office Japan (Tokyo):Phone: 81 3 5775 3850E-mail: info jp@u-blox.comSupport: support jp@u-blox.comRegional Office Korea:Phone: 82 2 542 0861E-mail: info kr@u-blox.comSupport: support kr@u-blox.comRegional Office Taiwan:Phone: 886 2 2657 1090E-mail: info tw@u-blox.comSupport: support tw@u-blox.comUBX-20010011 - R02C1-PublicContactPage 12 of 12
To get the end point, it should be on AWS account Settings Endpoint. It should delete "-ats" because currently only legacy certification can be supported. AWS IoT Core is currently supported using the legacy root CA certificate in a limited number of AWS regions. For the list of supported AWS region visit the following page:
