cancel
Showing results for 
Search instead for 
Did you mean: 
SOLVED

CodeSyS won't connect to AWS mqtt broker, license problem?

CodeSyS won't connect to AWS mqtt broker, license problem?

AndroidzZ
New Contributor

Hello,

We are using the CodeSyS IIOT package. Specifically the AWS IoT Core Client library. Online there is a roadmap what you can follow to connect to AWS, see: https://faq.codesys.com/pages/viewpage.action?pageId=119504904 We followed this roadmap.

We entered in the AWS IoT Client the ClientID, Endpoint, port and topics. We uploaded the (3) certificates that AWS broker creates into the core:

AndroidzZ_0-1664539697747.png

The AWS client FB remains on a TCP_READ_ERROR. It seems that we cannot/should not connect to AWS. This could be due to the certificates.

 Now, if we are to follow the approach in this Codesys documentation with the necessary adjustments following changes to the AWS console, we would be generating a certificate signing request (CSR) (steps 37-41). We have generated the signed certificate based on the CSR using Amazon as the certificate authority. The certificate file along with the root CA files are attached to this email. These files are needed in steps 61-66.

We do not have a privite key (belonging to the CSR file of steps 37-41) in our hands. Based on Codesys' documentation, one must assume that the private key is available somewhere within the Codesys environment. Can this be verified?

 

 

3 REPLIES 3

AndroidzZ
New Contributor

It seems like a wrongly defined LastWillTopic was the problem.

I would appreciate it If somebody could give me the answer to this question: 

We do not have a privite key (belonging to the CSR file of steps 37-41) in our hands. Based on Codesys' documentation, one must assume that the private key is available somewhere within the Codesys environment. Can this be verified?

you could generate certificates either by plcshell command or by security agend:

https://content.helpme-codesys.com/en/CODESYS%20Development%20System/_cds_edt_device_plc_shell.html

 

Yes, i have generated a certificate with the plcshell. And we created a signed certificate of this certificate using amazon as the certificate authority. 

In the PLC we use the the signed certificate. But than still it is not clear where the private key is stored of this signed certificate is and who has it. 

Icon--AD-black-48x48Icon--address-consumer-data-black-48x48Icon--appointment-black-48x48Icon--back-left-black-48x48Icon--calendar-black-48x48Icon--center-alignedIcon--Checkbox-checkIcon--clock-black-48x48Icon--close-black-48x48Icon--compare-black-48x48Icon--confirmation-black-48x48Icon--dealer-details-black-48x48Icon--delete-black-48x48Icon--delivery-black-48x48Icon--down-black-48x48Icon--download-black-48x48Ic-OverlayAlertIcon--externallink-black-48x48Icon-Filledforward-right_adjustedIcon--grid-view-black-48x48IC_gd_Check-Circle170821_Icons_Community170823_Bosch_Icons170823_Bosch_Icons170821_Icons_CommunityIC-logout170821_Icons_Community170825_Bosch_Icons170821_Icons_CommunityIC-shopping-cart2170821_Icons_CommunityIC-upIC_UserIcon--imageIcon--info-i-black-48x48Icon--left-alignedIcon--Less-minimize-black-48x48Icon-FilledIcon--List-Check-grennIcon--List-Check-blackIcon--List-Cross-blackIcon--list-view-mobile-black-48x48Icon--list-view-black-48x48Icon--More-Maximize-black-48x48Icon--my-product-black-48x48Icon--newsletter-black-48x48Icon--payment-black-48x48Icon--print-black-48x48Icon--promotion-black-48x48Icon--registration-black-48x48Icon--Reset-black-48x48Icon--right-alignedshare-circle1Icon--share-black-48x48Icon--shopping-bag-black-48x48Icon-shopping-cartIcon--start-play-black-48x48Icon--store-locator-black-48x48Ic-OverlayAlertIcon--summary-black-48x48tumblrIcon-FilledvineIc-OverlayAlertwhishlist