Thales' cellular IoT products business is now part of Telit Cinterion, find out more.

You are here

Community > Forum > Cinterion® Module Services > Import CA on EXS62 module

Import CA on EXS62 module | Telit Cinterion IoT Developer Community

Like
0
24
dpgf3mislavhas's picture
dpgf3mislavhas

September 29, 2022 - 12:00pm, 2509 views

Hello everyone,

I am trying to enable the secure MQTT connection with TLS on EXS62-W module. To do that, I need to import CA certificate into the module's NVRAM. Following the documentation I saw that this can be done with the AT command AT^SBNW=is_cert,1 or using cmd_ipcertmgr.jar tool. 

If I use this command I get no answer, so I want to try with java tool, but I don't know where to find this tool and the following files for my module. 

Can someone tell me where to find this tool or what is the correct use of the AT^SBNW=is_cert,1 command to import CA. 

24
Comment
Log in or register to post comments
21 - 24 of 24 Comments

Pages

dpgf3mislavhas's picture
dpgf3mislavhas
Oct 12 2022 - 4:17pm

Now it seems to be connected, but still nothing happens. What should happen after CTS _RTS flow is enabled?

Bartłomiej Gemalto Moderator's picture
Bartłomiej Gema...
Oct 13 2022 - 11:37am

Did you check if you can communicate with the module on this port with any terminal emulator program like ZOC, TeraTerm etc.?
If so, I don't know what it could be - maybe it's because Java version or there is some other problem with communication in your system with RXTX lib used by the tool, or something else.

Here, how it looks at my side:

c:\Data\exs62-w_exs82-w_tls_tools\Tools\bin\win-x86>java -jar cmd_IpCertMgr.jar -serialPort COM22 -serialSpd 115200 -cmd writecert -certfile starfield_root_ca_g2.cer -certIndex 30 -sigType NONE
Java version: 32-bit
1.7.0_25
Stable Library
=========================================
Native lib Version = RXTX-2.1-7
Java lib Version   = RXTX-2.1-7
CTS_RTS flow control enabled.
AT:AT+CGSN
Response:351234567890123
IMEI:351234567890123
signature skipped
nullAT
OK
AT^SBNW=is_cert,1
CONNECT

SECURE CMD READY: SEND COMMAND ...

SECURE CMD END OK

OK

What you can also do is to generate the binary file with

java -jar cmd_IpCertMgr.jar -cmd writecert -certfile starfield_root_ca_g2.cer -certIndex 30 -sigType NONE -file starfield_root_ca_g2.bin

and then upload it to the module with AT^SBNW=is_cert,1 command like the tool does but with your favorite terminal. Just wait for CONNECT and then upload the file as binary. If you see 'SECURE CMD END OK' everything is fine. You can read the certs with at^sbnr="is_cert" to see if it's installed.

 

dpgf3mislavhas's picture
dpgf3mislavhas
Oct 18 2022 - 3:11pm

Did it with the command AT^SBNW=is_cert,1. It loaded successfully into the module and then I also managed to connect to my MQTTS broker.

Thanks for your help!

Bartłomiej Gemalto Moderator's picture
Bartłomiej Gema...
Oct 20 2022 - 4:01pm

Great to hear that!

21 - 24 of 24 Comments

Pages