MQTT connection error for AWS Example Project

Hi everyone,

I’m very new to the Mbed OS, so I’ve been trying out some example projects to learn some basic principles.

One of these projects is connecting my STM B-L475E-IOT01A board to my AWS account using this guide: https://github.com/ARMmbed/mbed-os-example-for-aws

For reasons I don’t really understand, my AWS credentials and subsequent handshake protocol are working fine, but my MQTT connection is failing:

The MQTT parameters for this example project are set in a JSON file. These MQTT parameters are related to both the publication topic that my AWS account is subscribed to, and the Wi-Fi connection. I’m not sure if the error is tied to the Wi-Fi or the MQTT topic.

So far I haven’t been able to track down which part of the example code calls out the error messaging for the MQTT connection. The way I see it, I probably did something wrong in the JSON file, but I don’t know enough about mbed (and makefiles) to have seen it yet.

Has anyone come across a similar problem and been able to resolve it?

Thank you in advance for your time.

Hi and welcome to the Mbed community.

First of all, please update the mbed-client-for-aws library to the latest commit in the master branch; it contains a fix which shows the correct error code when connect fails. It would be easier to debug the situation with the correct return code.

As the TLS connection succeeds, your Wi-Fi connection seems to be OK. I believe this is a policy issue in AWS, which results in your device being rejected by the server. Please check your AWS IoT logs for more information and make sure you have your policies set up correctly. If you post the logs here, we could investigate the issue further.

Hi Bora,

Thank you for your reply. I have now uploaded the newest version of this library (from 2021).

I’ve been doing a bit more digging on this problem. I went back to look at the GitHub page for the AWSClient for mbed:

I have been able to see that the message that pops up in the terminal is linked to this section of the code (part of the AWSClient::connect function):

You were right, using the newest version of the library outputted a different error code (7) than the original version. I’m not actually sure what this means though.

Additionally, I’ve also gone back to see if the “Thing Name” I created in AWS matches up with what I wrote on the JSON file:

This left me confused, as it looks like the “aws-client-identifier” value in the mbed_app.json is exactly the same as the Thing Name in AWS. All security certificates for this “Thing” are active (as shown in the previous post).

I’m even using the wildcard option for the AWS Test MQTT topic (after trying to subscribe to a specific topic). So I still don’t know what could be going wrong:

The return codes are of the type MQTTStatus_t. Code 7 means MQTTNoDataAvailable, which is usually the case if the server has closed the connection. This supports my diagnosis.

The client ID does not have to be the same as the thing name, although this is usually the convention. This restriction can be implemented using the policies.

You still did not show your policies or the AWS IoT logs. Please check your policies and enable+check the logs for more information.

Hi Bora,

I think you’re right, somewhere down the line I screwed up my policies.

I checked the one I created for this board, all four basic IoT actions are Allowed.

The Policy is attached to the certificate I created for my IoT “Thing”, as well as the “Thing Group” which my B-L475E-IOT01A Thing is a part of:

I tried to extract some connectivity info through the AWS CLI. No matter what I seem to do, I can’t find any indication that my AWS Thing has any attached policies:

I also wanted to let you know I tried setting up AWS CloudWatch Logging, without success. I keep trying to reconnect to the AWS IoT console via my board, but I can’t tell if any useful info is actually being displayed in CloudWatch:

At this point, I’m not sure how to begin fixing my AWS policy issues. Any advice you have is greatly appreciated, as always.

I would suggest using a desktop MQTT client such as the AWS IoT Python SDK to test the policies first. Use the same credentials and the same parameters to see if you can connect from another client. This would help to rule out device-related problems and isolate your issue. There are plenty of resources which can guide you through the AWS-related issues. If you can connect with another client, try again with the Mbed client and post the results here; maybe we can help afterwards.

For CloudWatch logs, follow these guides: “Configure AWS IoT logging - AWS IoT Core” and “Monitor AWS IoT using CloudWatch Logs - AWS IoT Core”.

Hi Bora,

I managed to solve this issue, thank you so much for your support.

Your suggestion to use the AWS IoT Python SDK was very helpful, as that’s what I kept using to realize what my issue was with regards to my policies:

It turns out my issues got fixed once I changed my policies to allow everything (which isn’t ideal but I’m a hobbyist so I’m not fussed):

Everything seems to be working fine now:

Thank you so much for your support.

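Added example, not part of the thread and not code from the Mbed or AWS projects: a small Python sketch that builds an AWS IoT policy scoped to one client ID and explicit topics, flags allow-everything statements like the one the thread ended on, and checks offline whether a given connect, publish or subscribe would be permitted. The region, account ID, client ID and topic are constructed placeholders, and the evaluator is a simplification (wildcard matching and explicit Deny only, no policy variables or conditions).

```python
import fnmatch
import json

REGION, ACCOUNT = "us-east-1", "123456789012"   # constructed placeholders
CLIENT_ID, TOPIC = "my-thing", "example/topic"  # constructed placeholders

def arn(kind, name):
    return f"arn:aws:iot:{REGION}:{ACCOUNT}:{kind}/{name}"

def as_list(value):
    return value if isinstance(value, list) else [value]

def least_privilege_policy(client_id, pub_topics, sub_topics):
    """Policy document limited to one client ID and the listed topics."""
    def allow(action, resources):
        return {"Effect": "Allow", "Action": action, "Resource": resources}
    return {"Version": "2012-10-17", "Statement": [
        allow("iot:Connect", [arn("client", client_id)]),
        allow("iot:Publish", [arn("topic", t) for t in pub_topics]),
        allow("iot:Subscribe", [arn("topicfilter", t) for t in sub_topics]),
        allow("iot:Receive", [arn("topic", t) for t in sub_topics]),
    ]}

def is_allowed(policy, action, resource):
    """Simplified check: wildcard match on action/resource, explicit Deny wins."""
    allowed = False
    for st in policy["Statement"]:
        hit = (any(fnmatch.fnmatchcase(action, a) for a in as_list(st["Action"]))
               and any(fnmatch.fnmatchcase(resource, r) for r in as_list(st["Resource"])))
        if hit and st["Effect"] == "Deny":
            return False
        allowed = allowed or hit
    return allowed

def overbroad_statements(policy):
    """Indexes of Allow statements with a bare '*' resource or an all-actions grant."""
    return [i for i, st in enumerate(policy["Statement"])
            if st["Effect"] == "Allow" and (
                "*" in as_list(st["Resource"])
                or {"*", "iot:*"} & set(as_list(st["Action"])))]

# Constructed "allow everything" policy of the kind described in the last post.
ALLOW_ALL = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "iot:*", "Resource": "*"}]}
SCOPED = least_privilege_policy(CLIENT_ID, [TOPIC], [TOPIC])

if __name__ == "__main__":
    print(json.dumps(SCOPED, indent=2))
    print("over-broad statements in ALLOW_ALL:", overbroad_statements(ALLOW_ALL))
```

With the scoped policy, a connect attempt under any client ID other than the one named in the `client/` resource is not permitted, which is how the client ID restriction mentioned earlier in the thread is expressed in a policy.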