Hi,
Has anyone successfully connected to azure with the HL78xx module via TCP/SSL?
I connect with AWS fine but there seems to be a problem with azure and i’m guessing its root certificates that don’t quite work with the module.
thanks
Hi hkiol,
Which type of authentication are you using: server or mutual?
Have you stored root CA to the module by command AT+KCERTSTORE=0 ?
Thanks,
Hi @jerdung ,
I am using mutual authentication and have stored all the certificates correctly. I have successfully done the same procedure with no problems for AWS so I suspect my methodology is correct. I also configured all the cipher suites. Could it be that the module doesn’t support any suite from AZURE? I’ll double check again.
The certifications I use for AZURE are correct as I connect OK with them from an MQTT client (MQTTfx). So all configurations from the AZURE side seem to be fine.
I am just unable to connect with the module.
thanks
Please check supported cipher suits with your AZURE. You can get supported list or configure cipher suite at pages 169-171 in document below:
https://source.sierrawireless.com/resources/airprime/software/airprime_hl78xx_at_commands_interface_guide/#sthash.M11xjPEW.dpbs
Thanks,
Hi
Don’t know if its been solved - If this is the case please let us know.
I’m having troubles too with connection to MS Azure … Though having SSL/certificates working …
I’m sending - through TCP - a pre formatted http GET msg …
This gets rejected by server …
My log of full comm here below … stripped for security reasons …
/johnk20210915_NewHL7802_Connection2Server.txt (4.8 KB)
Date: 20210715/JohnK
What: Logging of connection establishment towards MS Azure Company server
Sending using TCP, a preformatted/handcoded http-GET
Status: Failing on comm with server;
Cause: Azure Server received http GET request on correct (443) port but apparently a http and not https command - hence missing encryption ??? (is my assumption)
Hardware: SierraWireless EVAL KIT #2 (5303247 Rev 4) equipped with a HL7802 (4.6.8)
Ref: 5P0xxxxxxx “3594xxx”
Note some comments/text added by my monitor tool … typ inside < >
15-07-2021 10:27:35.110 [TX] - AT
15-07-2021 10:27:35.126 [RX] -
OK
15-07-2021 10:27:37.734 [TX] - ATI9
15-07-2021 10:27:37.766 [RX] -
HL7802.4.6.8
HL78xx.4.6.8.0.RK_02_01_02_00_128.20210213
2021/02/13 02:54:27
IMEI-SV: xxxxx
Legato RTOS: 18.09.6.ALT1250.rc4 2020/10/06 17:52:39
atSwi: 43.00
UBOOT: 01.03
Apps: RKAPP_02_01_02_00_117__axxxxx
MAC: ALT1250_02_01_02_00_116_2G
PHY: 12.50.250492
PMP: 258218
SBUB: 1
SBFW: 1
RPuK: 53F7A48A
FPuK: 139A8E70
RBUB: 0
RBFW: 0
OK
15-07-2021 10:27:52.744 [TX] - ATE0
15-07-2021 10:27:52.756 [RX] -
OK
15-07-2021 10:28:00.932 [RX] -
+SIM: 1
+CGREG: 4
15-07-2021 10:28:01.860 [RX] -
+CGREG: 4,“36BB”,“029B780C”,0,“00”
+SIM: 0
15-07-2021 10:28:06.783 [RX] -
+WDSI: 0 <FOTA - No Indication>
15-07-2021 10:28:09.535 [RX] -
+CGREG: 4,“36BB”,“029B780C”,0,“00”
15-07-2021 10:28:27.823 [RX] -
+SIM: 0
15-07-2021 10:28:28.607 [RX] -
+CGREG: 4
15-07-2021 10:28:30.607 [RX] -
+SIM: 1
15-07-2021 10:28:31.375 [RX] -
+CGREG: 4,“36BB”,“029B780C”,0,“00”
15-07-2021 10:28:57.900 [TX] - AT+COPS?
15-07-2021 10:28:57.917 [RX] -
+COPS: 0,0,“Telenor CXN”,7
OK
15-07-2021 10:29:00.726 [TX] - AT+CSQ
15-07-2021 10:29:00.749 [RX] -
+CSQ: 23,99
OK
15-07-2021 10:29:03.749 [TX] - AT+CCLK?
15-07-2021 10:29:03.773 [RX] -
+CCLK: “21/07/15,10:29:03+08”
OK
15-07-2021 10:29:12.679 [TX] - AT+CEREG?
15-07-2021 10:29:12.701 [RX] -
+CEREG: 0,5 <Registered, Roaming>
OK
15-07-2021 10:29:15.918 [TX] - AT+KCNXTIMER=1,20,1,15,10
15-07-2021 10:29:15.965 [RX] -
OK
15-07-2021 10:29:19.693 [TX] - AT+KSSLCRYPTO?
15-07-2021 10:29:19.724 [RX] -
+KSSLCRYPTO: 0,8,3,25392,12,4,1,0
+KSSLCRYPTO: 1,8,1,8192,4,4,1,0
+KSSLCRYPTO: 2,8,2,16,0,4,1,0
+KSSLCRYPTO: 3,8,2,32,0,4,1,0
+KSSLCRYPTO: 4,8,2,256,0,4,1,0
+KSSLCRYPTO: 5,8,2,512,0,4,1,0
+KSSLCRYPTO: 6,8,2,8192,4,4,1,0
+KSSLCRYPTO: 7,8,2,16384,8,4,1,0
OK
15-07-2021 10:29:36.196 [TX] - AT+KSSLCFG?
15-07-2021 10:29:36.219 [RX] -
+KSSLCFG: 0,3
+KSSLCFG: 2,0
OK
15-07-2021 10:29:42.061 [TX] - AT+KSSLCRYPTO?
15-07-2021 10:29:42.091 [RX] -
+KSSLCRYPTO: 0,8,3,25392,12,4,1,0
+KSSLCRYPTO: 1,8,1,8192,4,4,1,0
+KSSLCRYPTO: 2,8,2,16,0,4,1,0
+KSSLCRYPTO: 3,8,2,32,0,4,1,0
+KSSLCRYPTO: 4,8,2,256,0,4,1,0
+KSSLCRYPTO: 5,8,2,512,0,4,1,0
+KSSLCRYPTO: 6,8,2,8192,4,4,1,0
+KSSLCRYPTO: 7,8,2,16384,8,4,1,0
OK
15-07-2021 10:29:46.294 [TX] - AT+KCERTSTORE?
15-07-2021 10:29:46.325 [RX] -
CONNECT
root_cert,0,1229
-----BEGIN CERTIFICATE-----
REMOVED DUE TO SECURITY
xxxxxxxxx
-----END CERTIFICATE-----
root_cert,1,0
root_cert,2,0
root_cert,3,0
local_cert,0,0
local_cert,1,0
local_cert,2,0
OK
15-07-2021 10:30:09.924 [TX] - AT+CGPADDR=1
15-07-2021 10:30:09.955 [RX] -
+CGPADDR: 1,“10.0.0.18”
OK
15-07-2021 10:30:14.414 [TX] - AT+KTCPCFG=1,0,“coompany_server.com”,443
15-07-2021 10:30:14.498 [RX] -
+KTCPCFG: 1
OK
15-07-2021 10:30:17.638 [TX] - AT+KTCPCNX=1
15-07-2021 10:30:17.682 [RX] -
OK
+KCNX_IND: 1,1,0
1; Connected; IPV4
15-07-2021 10:30:19.170 [RX] -
+KTCP_IND: 1,1 ID=1; session is set up and ready for operation
15-07-2021 10:30:22.706 [TX] - AT+KTCPSTART=1
15-07-2021 10:30:22.747 [RX] -
CONNECT
15-07-2021 10:30:26.341 [TX] - GET /api/v2/discovery/imei/my-imei-number?deviceKey=a-device-key&includerootCertificate=true HTTP/1.1
Host: company_server.com
Connection: close
cache-control: no-cache
Accept: text/plain
API-key: my-API-Key
15-07-2021 10:30:30.615 [TX] -
15-07-2021 10:30:30.953 [RX] - HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 15 Jul 2021 08:30:30 GMT
Content-Type: text/html
Content-Length: 248
Connection: close
Strict-Transport-Security: max-age=63072000
400 Bad Request
The plain HTTP request was sent to HTTPS portnginx
NO CARRIER
+KTCP_NOTIF: 1,4