AWS IoT uses MQTT, which is already well supported by the WICED Feather, but it has some additional requirements around security with the need for a certificate on the sensor node side (the WICED Feather) to validate that the device AWS IoT is talking to is indeed the right device.
To address some of the specifities of talking to AWS, the WICED Feather includes a sample AWS sketch in the MQTT/aws folder in examples. You should have this available on your system, but for convenience sake you can also browse the latest code online in github using the link below:
Convert Certificate with pycert
To validate the WICED Feather, we need to convert the certificates downloaded in the previous page of this tutorial into a format the WICED SDK understands. You can do this with the pycert tool we provide as part of the WICED Feather BSP.
Place the *certificate.pem.crt and *private.pem.key files in the sketch folder, and run the pycert tools as follows (you may need to adjust the '..' path to points to tools/pycert in the WICED Feather BSP):
python ../../../tools/pycert/pycert.py convert -c local_cert -l LOCAL_CERT_LEN **********-certificate.pem.crt
This should create a certificates.h file in the sketch folder containing the certificate data in 'local_cert':
Loaded certificate **********-certificate.pem.crt Wrote certificates.h
You can now reference certificates.h in your sketch (it is already included in the code), which takes care of one of the two certificates we need to deal with for AWS.
Add the Private Key to the Sketch
Next we need to add the private key to our demo sketch. The file downloaded is already in a binary format, so it doesn't need to be run through the pycert conversion tool, but you do need to copy the contents of the certificate into the sketch and perform a bit of manual labour to make it work.
Copy the contents of the *private.pem.key file to the browser, and paste them into your sketch in the aws_private_key array that is already defined:
const char aws_private_key[] = "-----BEGIN RSA PRIVATE KEY-----\n" "Your Key line 1 with\n" "Quote each of your key's lines like this example\n" "-----END RSA PRIVATE KEY-----";
You will need to place quotes before and after each line, and also add an '\n' newline character after each line! You'll end up with something like this:
const char aws_private_key[] = "-----BEGIN RSA PRIVATE KEY-----\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n" "-----END RSA PRIVATE KEY-----";
Add the AWS IoT MQTT Details
Finally you need to add the MQTT Server details for the AWS server, which will mean replacing these four values with the data generated in the previous page of this tutorial:
// ====================================================== #define AWS_IOT_MQTT_HOST "**********.iot.us-west-2.amazonaws.com" #define AWS_IOT_MQTT_PORT 8883 #define AWS_IOT_MQTT_CLIENT_ID "led" #define AWS_IOT_MY_THING_NAME "led" // ======================================================
Add AP Connection Details
At this point you simply need to add your connection details, and you should be able to flash the sketch to your WICED Feather and open the Serial Monitor to see the connection status:
AWS IOT Example Bootloader : 1.0.0 WICED SDK : 3.5.2 FeatherLib : 0.5.5 Arduino API : 0.5.6 Please wait while connecting to: 'CLARAWIFI' ... Connected! SSID : CLARAWIFI (-78 dBm) Encryption : WPA2_AES MAC Address : FF:FF:FF:FF:FF:FF Local IP : 10.0.1.10 Gateway : 10.0.1.1 Subnet Mask : 255.255.255.0 Connecting to **********.iot.us-west-2.amazonaws.com port 8883 ... OK Subscribing to $aws/things/led/shadow/update ... OK Enter '0' or '1' to update feed:
Entering either 1 or 0 into the Serial Monitor input should turn the LED on the WICED Feather on or off via AWS IoT. There will be a few seconds lag, of course, while the data makes a round trip and before the MQTT event is capture by the WICED Feather:
Enter '0' or '1' to update feed: 1 Enter '0' or '1' to update feed: Enter '0' or '1' to update feed: 0 Enter '0' or '1' to update feed: Enter '0' or '1' to update feed:
That's it! At this point, you can start looking at the example sketch we used above to see how you can modify it to fit your needs, but you've done all the heavy lifting to get AWS IoT working, and securely connecting your WICED Feather to Amazon's servers!
Doing something neat with AWS IoT? Make sure to let us know in the forums!
Page last edited March 08, 2024
Text editor powered by tinymce.