Unable to connect to AWS IoT Core on Greengrass install


I am attempting to install greengrass on an ubuntu VM. I get the Successfully set up Nucleus as a system service message, but it is not creating a greengrass core. And, my log says:

com.aws.greengrass.mqttclient.AwsIotMqttClient: Unable to connect to AWS IoT Core.

This issue looks similar to a previous question

I have tried two things. First, I created a deployment with a merge config below for the nucleus before running greengrass install command.

  "greengrassDataPlanePort": 443,
  "mqtt": {
    "port": 443

I have also tried stopping the greengrass service on my VM and then replacing all of the 8443's with 443's and also adding "port": 443 to the mqtt objects. This has not helped. I still get the Unable to connect to AWS IoT Core

  • If your network is blocking non-443 ports, then you cannot update the configuration by using a deployment since deployments rely on MQTT messaging. Instead, use the manual installation instructions by creating an init-config file and passing it to the installer you may set the required ports: https://docs.aws.amazon.com/greengrass/v2/developerguide/manual-installation.html#:~:text=in%20an%20HSM.-,Install%20the%20AWS%20IoT%20Greengrass%20Core%20software%20with%20private%20key%20and%20certificate%20files,-Install%20the%20AWS

    This was also explained in the issue that you linked, did you try the solutions there?

  • Ok, I was successful at installing and creating a greengrass device using the manual provisioning. My issue now is that I have a ready-made docker image and process to deploy new devices using the automatic provisioning method, but it won't work behind a firewall that blocks 8443. One thing I guess I can do is pre-install on a network that does not block the port and include port updates using a merge deployment on nucleus before moving to a network that blocks the port.

    Is there a possibility in the future where the installer will allow setting the port selection when automatic provisioning?

  • Hi there. Have you tried using the init-config of manual provisioning when installing Greengrass with automatic provisioning? That should allow you change the port when installing. If I mis-understand your problem/use case, please help us understand more about your request

  • Somehow my previous user account was deleted and then after creating a new one with the same email address, I'm unable to post new questions.

    Thanks Lihao, I'll try that.

asked 10 months ago83 views
1 Answer

Hello DarrenEB, We wanted to check if you have been able to try and still have issues. Let us know.

profile picture
answered 8 months ago
  • This is no longer an issue. Thanks.

  • Thanks for confirming, DarrenEB. We appreciate the update. Look forward for more questions and contributions from you in re:Post. Kind Regards

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions