SSL over TCP - SIM868

gsm
mqtt

#1

Previously I have developed a solution using SIM5300E with connection to Azure MQTT servers over TCP. For this I used the command “AT+CIPSSL=1”. This works perfectly to Azure over SSL, so the certificate on the SIM530E module must be valid for Azure.

Now I am designing a new version using SIM868.
With the SIM868 I want to connect to Azure over TCP. Using the same AT commands I find that the connection to Azure does not work “AT+CIPSSL=1” returns “OK” the server rejects the message.
I can connect OK to normal connections (no SSL) such as “TCP”,“www.google.com”,“80”
The error I receive is :

+CIPSTART=“TCP”,“xxxxxxxxx.azure-devices.net”,“8883”
OK
STATE: TCP CLOSED
CONNECT FAIL

(where xxxxxx is the name of my Azure hub)

.
When I try to connect with “AT+CIPSSL=0” to any website I get a valid connection. With “AT+CIPSSL=1” I get the “STATE: TCP CLOSED, CONNECT FAIL” error.
I think the SIM868 is very similar to the rest of the SIM8xxx family. Is there a step I am missing or does it not have correct SSL certificates?

In both cases I am using the following sequence:
AT+CPIN?
AT+CGATT?
AT+CIPSHUT
AT+CIPSTATUS
AT+CIPMUX=0
AT+CSTT=“3iot.com”,“NULL”,“NULL”
AT+CIICR
AT+CIFSR
AT+CIPSSL=1 (or (AT+CIPSSL = 0)
AT+CIPSTART=“TCP”,“Smartflow.azure-devices.net”,“8883”
AT+CIPSEND

The Azure SSL requirement is the “DigiCert Baltimore Root certificate”

I’m not sure if I’m supposed to set the SSL cert myself. On page 21 of this document there are some instructions but they are not clear to me.


For example the command “AT+FSCREATE=C:\USER\HENRY_SSL.CRT”, what is the “C” drive? Is it a file system created on the module?


#2

@patrick77
Hey did u solve this problem with SSL. Actually i am working on AWS certificates with SIM 800 module and I m also facing the same issue.So if you can share any other method you tried it would help me.


#3

Hi,

Yes the modules I used are compatible with Azure SSL. SIM5300E and SIM868E.
You need to enable the option CIPSSL for it to work.
I’m not sure about SIM800 or AWS but it may be the same.

Regards
Patrick


#4

sim800 also works after enabling ssl option by using “AT+SSLOPT=1,1\r”
Then “AT+CIPSSL=1\r” BEFORE “AT+CIPSTART=XXXXXXXXXXXXXXXXX”


#5

I use sim800c and ardiuno to connect with AWS EC2 server.
I get “CONNECT OK” response from the thinkspeak server and data is transferring over tcp good.
While connecting with AWS i get “ok” but i am expecting the response “CONNECT OK” from the AWS server.
And at last ERROR could not connect to AWS.
KIndly help to resolve the problem.


#6

here too same issue sim800 and arduino AWS could not get connected


#7

Are you using AWS EC2 and running your own TCP server? You might not have enabled the ports in the security profiles on AWS EC2.


#8

Thanks for the replay Ravi.

I have added security groups inbounds in AWS still not working.


#9

Which all ports have you enabled?