SSL authentication for IoT core fails in one region while successful in the other region (same certificates)

Our teams are working on a project that involves two Quectel modems (BG77 & BG96) for MQTT pub/sub operations which are being handled on the AWS IoT core. I am facing issue with device SSL authentication in South Asia.

Following was done :

**Certificates (cacert.pem,client.pem,user_key.pem) **were generated from the IoT Core in US-WEST (N.California) region from our developer team in California.
The certificates were stored in the modem's flash for SSL authentication before opening the MQTT connection to AWS endpoint.
The authentication was successful and MQTT connection , pub/sub operations are being successfully performed by our California team.
However, we have another team in South Asia (Pakistan) and for them the MQTT connection wasn't opened and SSL authentication failed using those same certificates.

We are unable to figure out the problem. Any kind of assistance will be appreciated. Regards.

MassimilianoAWS EXPERT
2 years ago
Which iot endpoint (region) did the Pakistan's team connect to?
Aqib
2 years ago
The Pakistan's team is trying to use the same endpoint that the other team was using. It's US-West-1.
MassimilianoAWS EXPERT
2 years ago
Please provide additional information about the failure. There might be a timeout issue on the SSL negotiation.
Aqib
2 years ago
QMTOPEN is the AT command for the modem to open the network as a MQTT client. And it's maximum response time is 75s. But while using the AWS endpoint, the response from the QMTOPEN command is very prompt (about 2-3s). So I believe it's not a timeout problem.

Topics

Internet of Things (IoT)

Relevant content

IOT Core Region
Ersin KARALIOGLU
asked 4 months ago
AWS IOT Core Region
Ersin KARALIOGLU
asked 5 months ago
Greengrass IPC to IoT Core in low/no connectivity regions
Sash
asked 2 years ago
What is the right setup for development for a team who works on the same project?
Accepted Answer
wonderful world
asked 2 years ago
How do I access FSx for ONTAP using a transit gateway across different VPCs in the same Region?
AWS OFFICIALUpdated 10 months ago
Can I export my public ACM certificates to other AWS Regions or AWS accounts?
AWS OFFICIALUpdated 2 years ago
Why is my EventBridge rule not working in Regions other than the one I created it in?
AWS OFFICIALUpdated 7 months ago
How do I launch Amazon WorkSpaces with a directory that is currently running in another Region from the same account?
AWS OFFICIALUpdated a year ago
How to maintain/upgrade your device authentication/authorization scheme when migrating to AWS IoT Core
EXPERT
Charlyscott237
published 7 months ago
Connect and Publish to AWS IoT Core using the AWS SDK for .NET
EXPERT
Kai Dickman
published 6 months ago