Espruino on RAK8212: Uploading cryptographic material to Quectel BG96

Some IoT platforms like AWS IoT require you to authenicate with X.509 client certificates when using MQTT as communication protocol for your devices.

The Quectel BG96 module on the RAK8212 already has an embedded MQTT stack, so there is no need for using a MQTT library on the device’s MCU.

The BG96 module supports client and server side authentication using X.509 certificates. The following files must be provided:

  • The MQTT client’s client certificate (e.g. 3a34634a38-certificate.pem.crt on AWS IoT)
  • The private key of the client (e.g. 3a34634a38-private.pem.key)
  • The trusted root CA certificates

The challenge is: How can these files be transfered to the BG96 module’s file system?

Having Espruino installed on the RAK8212, this is not a complicated task. Check my github account at

https://github.com/wklenk/rak8212-espruino-nb-iot

for the JavaScript file upload-ssl-certs-to-bg96.js

All three files have to be provided in PEM format. As this format is in ASCII, you can just cut and paste the contents to the JavaScript source code.

Then transfer the code to the device (using the Espruino IDE) and call function

uploadCertificates();

The files will be saved to the device as cert.pem, key.pem and cacert.pem and can be used in a later step to configure the SSL connection options for the embedded MQTT stack.

 ____                 _
|  __|___ ___ ___ _ _|_|___ ___
|  __|_ -| . |  _| | | |   | . |
|____|___|  _|_| |___|_|_|_|___|
         |_| espruino.com
 1v99 (c) 2018 G.Williams
Espruino is Open Source. Our work is supported
only by sales of official boards and donations:
http://espruino.com/Donate
>
>uploadCertificates();
Connecting Cellular Modem ...
=undefined
Cellular Modem connected.
Files in file system: +QFLST: "cacert.pem",1187
+QFLST: "cert.pem",1224
+QFLST: "key.pem",1679
+QFUPL line: +QFUPL: 1224,380d Uploaded cert.pem
+QFUPL line: +QFUPL: 345,1203 Uploaded key.pem
+QFUPL line: +QFUPL: 1187,2d19 Uploaded cacert.pem
Successfully uploaded SSL certificates to BG96 module.
>

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s