FORUM CTRLX AUTOMATION
ctrlX World Partner Apps for ctrlX AUTOMATION
09-30-2022 02:11 PM - edited 09-30-2022 02:20 PM
Hello,
We are using the CodeSyS IIOT package. Specifically the AWS IoT Core Client library. Online there is a roadmap what you can follow to connect to AWS, see: https://faq.codesys.com/pages/viewpage.action?pageId=119504904 We followed this roadmap.
We entered in the AWS IoT Client the ClientID, Endpoint, port and topics. We uploaded the (3) certificates that AWS broker creates into the core:
The AWS client FB remains on a TCP_READ_ERROR. It seems that we cannot/should not connect to AWS. This could be due to the certificates.
Now, if we are to follow the approach in this Codesys documentation with the necessary adjustments following changes to the AWS console, we would be generating a certificate signing request (CSR) (steps 37-41). We have generated the signed certificate based on the CSR using Amazon as the certificate authority. The certificate file along with the root CA files are attached to this email. These files are needed in steps 61-66.
We do not have a privite key (belonging to the CSR file of steps 37-41) in our hands. Based on Codesys' documentation, one must assume that the private key is available somewhere within the Codesys environment. Can this be verified?
Solved! Go to Solution.
10-17-2022 09:22 AM
It seems like a wrongly defined LastWillTopic was the problem.
I would appreciate it If somebody could give me the answer to this question:
We do not have a privite key (belonging to the CSR file of steps 37-41) in our hands. Based on Codesys' documentation, one must assume that the private key is available somewhere within the Codesys environment. Can this be verified?
10-20-2022 01:49 PM
you could generate certificates either by plcshell command or by security agend:
https://content.helpme-codesys.com/en/CODESYS%20Development%20System/_cds_edt_device_plc_shell.html
10-21-2022 08:36 AM
Yes, i have generated a certificate with the plcshell. And we created a signed certificate of this certificate using amazon as the certificate authority.
In the PLC we use the the signed certificate. But than still it is not clear where the private key is stored of this signed certificate is and who has it.