Announcement

Collapse
No announcement yet.

AWS IoT Connection Problem with Xport Pro - Evo

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • AWS IoT Connection Problem with Xport Pro - Evo

    We are having problems connecting to our Amazon IoT server with the Xport Pro running the latest version of Evolution f/w v5.5.0.1R15.

    The AWS IoT server will only accept TLSv1.2 connections and it also requires a client certificate and private key to be entered into the XPP. In the past we have had no problems with the XPP connecting to other servers using TLSv1.1 but this is the first time we have tried connecting using the newly added TSLv1.2 and client certs.

    We are running the XPP with the serial tunnel set to modem mode and each time we issue the ATDT command we just get the "NO ANSWER" response. The XPP error log shows an error 1259. The Lantronix technical support team tried this too and they said they got an error saying there was a mismatch between the DN being used for the connection and that which is defined in the certificate. The certs are issued by AWS and I have tested them by connecting to AWS with one of our wifi products so I know the certs and endpoint are good.

    AWS IoT issues you with a unique endpoint for each account which looks like "your_unique_account_no.iot.us-east-2.amazonaws.com". I'm pretty sure they use wild cards in the certificates and I'm wondering if this could be confusing the XPP.

    Has anybody had success connecting to AWS IoT with the XPP?

    Last edited by mulroy; 08-14-2018, 08:59 PM.

  • #2
    Hi Mulroy, I don't have experience connecting XPP to AWS. but our new xPort edge can connect to AWS for sure. xPort edge can connect to Lantronix cloud server Mach10 and Mach10 is based on AWS.

    Comment


    • #3
      Hi leowang.

      Does the xport edge use the same SSL libraries as the XPP?

      Do you know if the Mach 10 cloud server uses wildcards in the certificates ands does it even require client certificates and TLSv1.2?

      At this stage I'm putting my money on the fact that it is the wild cards in the certificiates that are confusing the XPP.

      Does anyone else have any experience with XPP using client certs with possible wildcards?

      Comment

      Working...
      X