As with the previous exercise, we will use a sample for a nRF Connect SDK cloud library, and learn how it can be used for FOTA. Specifically, we will learn how to use AWS to do FOTA over Wi-Fi for a nRF7002DK. The exercise code is based on the AWS IoT Sample. Since the AWS IoT library in the nRF Connect SDK does have automatic FOTA support, we will not need to implement much in our application to handle the FOTA.
The goal of the FOTA procedure is to transfer the l9_e7/zephyr.signed.bin file from the cloud to the mcuboot_secondary memory partition in the nRF7002 DK. After that is done, MCUboot will swap the image as normal.
Exercise steps
Open the code base of the exercise by navigating to Create a new application in the nRF Connect for VS Code extension, select Copy a sample, and search for Lesson 9 – Exercise 7.
First, we have to connect the nRF7002 DK to the Wi-Fi. Please fill out the SSID and password of your local Wi-Fi access point.
Add the following code snippet to the prj.conf file.
Copy
# STEP 1 - Configure the Wi-Fi credentials CONFIG_WIFI_CREDENTIALS_STATIC_SSID="<your_network_SSID>"CONFIG_WIFI_CREDENTIALS_STATIC_PASSWORD="<your_network_password>"
Kconfig
1.1 Build the project and flash it to the nRF7002 DK (nrf7002dk/nrf5340/cpuapp/ns).
You should see the following log when the device has connected to the Wi-Fi.
*** Booting nRF Connect SDK v2.9.0-7787b2649840 ****** Using Zephyr OS v3.7.99-1f8f3dc29142 ***[00:00:00.214,538] <inf> aws_iot_sample: The AWS IoT sample started, version: v1.0.0[00:00:00.214,538] <inf> aws_iot_sample: Bringing network interface up and connecting to the network[00:00:00.216,949] <inf> wifi_supplicant: wpa_supplicant initialized[00:00:08.871,582] <inf> wifi_mgmt_ext: Connection requested[00:00:13.119,873] <inf> aws_iot_sample: Network connectivity established[00:00:18.119,964] <inf> aws_iot_sample: Connecting to AWS IoT[00:00:18.209,411] <err> mqtt_helper: getaddrinfo() failed, error -5[00:00:18.209,442] <err> aws_iot: mqtt_helper_connect, error: 5[00:00:18.209,442] <err> aws_iot_sample: aws_iot_connect, error: 5[00:00:18.209,442] <err> aws_iot_sample: Fatal error! Rebooting the device.
Terminal
Note
The getaddrinfo error is because we have the wrong address for the AWS cloud IoT server. To get the correct address, we must first set up an AWS IoT Hub.
2. Set up an AWS IoT Hub.
Althought there are a few ways to setup AWS IoT system we will use AWS-web page interface for make exercise simple.
3.2 In the left menu, scroll down and select Domain Configurations (1).
Copy the Domain name (2) and paste it to CONFIG_AWS_IOT_BROKER_HOST_NAME. Next, build and flash the application again.
Now, we should no longer get the address error, but see that we get error -22 from MQTT
*** Booting nRF Connect SDK v2.9.0-7787b2649840 ****** Using Zephyr OS v3.7.99-1f8f3dc29142 ***[00:00:00.216,522] <inf> aws_iot_sample: The AWS IoT sample started, version: v1.0.0[00:00:00.216,552] <inf> aws_iot_sample: Bringing network interface up and connecting to the network[00:00:00.218,933] <inf> wifi_supplicant: wpa_supplicant initialized[00:00:08.774,597] <inf> wifi_mgmt_ext: Connection requested[00:00:13.025,573] <inf> aws_iot_sample: Network connectivity established[00:00:18.025,665] <inf> aws_iot_sample: Connecting to AWS IoT[00:00:25.932,891] <err> mqtt_helper: mqtt_connect, error: -22[00:00:25.932,922] <err> aws_iot: mqtt_helper_connect, error: -22[00:00:25.932,922] <err> aws_iot_sample: aws_iot_connect, error: -22[00:00:25.932,922] <err> aws_iot_sample: Fatal error! Rebooting the device.
Terminal
This error is because we have not yet set up the Thing and its certificates.
4. Add an IoT Device (Thing) to AWS and generate certificates for it.
4.1 We will still stay on the IoT Core page. In the left-hand menu, select All Devices -> Things (1). Then select Create Things (2).
Select Create single Thing, then next. On the next page, enter a name. For example, academy_thing.
We do not need any of the optional configurations for this exercise. For this exercise, we select Unnamed shadow for the Device Shadow. Click next again. On the next page, Auto-generate a new certificate (recommended) is already selected by default. We also want this, so just click next once more.
The next page will be for selecting a policy, but we have no policy for our Thing yet. Click Create Policy to open a new tab to create a policy. In the new tab, choose a policy name, for example, academy_policy. Below, for the Policy Document select JSON. Remove the default JSON text from the box.
Important
This policy example is only intended for development environments. Make sure to update this to a more restrictive policy before you go into production. For more information, refer to the example policies listed in AWS IoT Core policy examples and Security best practices in AWS IoT Core.
Go back to the Select Policy page we were at, and now the new policy should be visible. Select the policy, for example academy_policy. Then click Create thing . This will open a window where we can download keys and certificates from. Make sure to download these. We should download 4 files: Device certificate (XXXX-certificate.pem.crt), Public key file, Private key file and RSA 2048 bit key: Amazon Root CA 1. We choose CA1 as we will use RSA2048 for HTTPS. After we have checked that the files were successfully downloaded, click done. We now should be able to see the new Thing in our list of Things:
4.2 Add AWS Thing name to the prj.conf file
Now that we have created a name for the Thing, we can configure it to the project:
Copy
# STEP 4.2 - Add AWS Thing name CONFIG_AWS_IOT_CLIENT_ID_STATIC="academy_thing"
Kconfig
Next up, we will add the certificates to our application. In our certs folder, we have three cert files that need to be set: ca-cert.pem, client-cert.pem and private-key.pem. These match our downloaded certs as such:
ca-cert.pem < – > AmazonRootCA1.pem
client-cert.pem < – > XXXX-certificate.pem.crt
private-key.pem < – > XXXX-private.pem.key
Then copy the content into the corresponding certificate files, replacing the dummy certs.
With the Thing name configured and the certificates set, build and flash with erase board option the nRF7002 DK. We should now see the following logs:
*** Booting nRF Connect SDK 2.6.1-3758bcbfa5cd ***[00:00:00.236,022] <inf> aws_iot_sample: AWS IoT sample started, version: v1.0.0[00:00:00.236,022] <inf> aws_iot_sample: Bringing network interface up and connecting to the network[00:00:07.829,193] <inf> aws_iot_sample: Network connectivity established[00:00:12.829,284] <inf> aws_iot_sample: Connecting to AWS IoT[00:00:12.829,315] <inf> aws_iot_sample: Next connection retry in 30 seconds[00:00:12.829,376] <inf> aws_iot_sample: AWS_IOT_EVT_CONNECTING[00:00:16.560,211] <inf> aws_iot_sample: AWS_IOT_EVT_CONNECTED[00:00:16.560,241] <inf> aws_iot_sample: Confirming image[00:00:16.562,255] <inf> aws_iot_sample: Publishing message: {"state":{"reported":{"uptime":16562,"app_version":"v1.0.0"}}} to AWS IoT shadow[00:00:16.716,949] <inf> aws_iot_sample: AWS_IOT_EVT_READY[00:00:16.762,329] <inf> aws_iot_sample: AWS_IOT_EVT_PUBACK, message ID: 20926[00:00:16.836,425] <inf> aws_iot_sample: AWS_IOT_EVT_DATA_RECEIVED[00:00:16.836,547] <inf> aws_iot_sample: Received message: "{"state":{"desired":{"welcome":"aws-iot"},"reported":{"welcome":"aws-iot","uptime":16562,"app_version":"v1.0.0"}},"metadata":{"desired":{"welcome":{"timestamp":1700036251}},"reported":{"welcome":{"timestamp":1700036251},"uptime":{"timestamp":1700044246},"app_version":{"timestamp":1700044246}}},"version":51,"timestamp":1700044246}" on topic: "$aws/things/academy_thing/shadow/get/accepted"
Terminal
Note
This exercise could be performed on the nRF91 Series. Then we can use cellular network instead of Wi-Fi.
In that case certificate provisioning would be different for the nRF91 Series devices, as it stores certificates in its modem and you should use AWS IoT Sample for the instruction.
5. Perform FOTA with AWS IoT Core.
Now that we have successfully connected the nRF7002 DK to AWS IoT Core, we can do FOTA with it.
For these steps, our documentation instructs on how to use the GUI.
5.1 To enable AWS FOTA in the application, set the following configurations in prj.conf file
The tag is set to 201, because the project is configured with CONFIG_MQTT_HELPER_SEC_TAG=201, so we use the same certs for FOTA.
Note
CONFIG_AWS_FOTA_DOWNLOAD_SECURITY_SEC_TAG and CONFIG_MQTT_HELPER_SEC_TAGare identification numbers for our set of keys (we can have more than one set). These could be random numbers as long as they are the same for both attributes.
5.2 Build and flash the application again.
5.3 Change something in src/main.c, for example a print statement. We do this so we can see something change when we update the device. MCUboot will not swap if the firmware update is identical, either. Also inrement the AWS IoT sample version:
5.4 Build the application again, but do not flash it to the board.
5.5 Follow the steps documented in AWS FOTA: Creating a FOTA job. After clicking Submit, we can observe in the logs that the FOTA has started downloading.
When the download is complete, the sample will automatically tag the mcuboot_secondary as “test” and restart the nRF7002 DK. Then the new image will swap into mcuboot_primary and boot the new application, which will be confirmed as well.
The solution for this exercise can be found in the GitHub repository in l9/l9_e7_sol.
v3.0.0
As with the previous exercise, we will use a sample for a nRF Connect SDK cloud library, and learn how it can be used for FOTA. Specifically, we will learn how to use AWS to do FOTA over Wi-Fi for a nRF7002DK. The exercise code is based on the AWS IoT Sample. Since the AWS IoT library in the nRF Connect SDK does have automatic FOTA support, we will not need to implement much in our application to handle the FOTA.
The goal of the FOTA procedure is to transfer the l9_e7/zephyr.signed.bin file from the cloud to the mcuboot_secondary memory partition in the nRF7002 DK. After that is done, MCUboot will swap the image as normal.
Exercise steps
Open the code base of the exercise by navigating to Create a new application in the nRF Connect for VS Code extension, select Copy a sample, and search for Lesson 9 – Exercise 7.
First, we have to connect the nRF7002 DK to the Wi-Fi. Please fill out the SSID and password of your local Wi-Fi access point.
Add the following code snippet to the prj.conf file.
Copy
# STEP 1 - Configure the Wi-Fi credentials CONFIG_WIFI_CREDENTIALS_STATIC_SSID="<your_network_SSID>"CONFIG_WIFI_CREDENTIALS_STATIC_PASSWORD="<your_network_password>"
Kconfig
1.1 Build the project and flash it to the nRF7002 DK (nrf7002dk/nrf5340/cpuapp/ns).
You should see the following log when the device has connected to the Wi-Fi.
*** Booting nRF Connect SDK v2.9.0-7787b2649840 ****** Using Zephyr OS v3.7.99-1f8f3dc29142 ***[00:00:00.214,538] <inf> aws_iot_sample: The AWS IoT sample started, version: v1.0.0[00:00:00.214,538] <inf> aws_iot_sample: Bringing network interface up and connecting to the network[00:00:00.216,949] <inf> wifi_supplicant: wpa_supplicant initialized[00:00:08.871,582] <inf> wifi_mgmt_ext: Connection requested[00:00:13.119,873] <inf> aws_iot_sample: Network connectivity established[00:00:18.119,964] <inf> aws_iot_sample: Connecting to AWS IoT[00:00:18.209,411] <err> mqtt_helper: getaddrinfo() failed, error -5[00:00:18.209,442] <err> aws_iot: mqtt_helper_connect, error: 5[00:00:18.209,442] <err> aws_iot_sample: aws_iot_connect, error: 5[00:00:18.209,442] <err> aws_iot_sample: Fatal error! Rebooting the device.
Terminal
Note
The getaddrinfo error is because we have the wrong address for the AWS cloud IoT server. To get the correct address, we must first set up an AWS IoT Hub.
2. Set up an AWS IoT Hub.
Althought there are a few ways to setup AWS IoT system we will use AWS-web page interface for make exercise simple.
3.2 In the left menu, scroll down and select Domain Configurations (1).
Copy the Domain name (2) and paste it to CONFIG_AWS_IOT_BROKER_HOST_NAME. Next, build and flash the application again.
Now, we should no longer get the address error, but see that we get error -22 from MQTT
*** Booting nRF Connect SDK v2.9.0-7787b2649840 ****** Using Zephyr OS v3.7.99-1f8f3dc29142 ***[00:00:00.216,522] <inf> aws_iot_sample: The AWS IoT sample started, version: v1.0.0[00:00:00.216,552] <inf> aws_iot_sample: Bringing network interface up and connecting to the network[00:00:00.218,933] <inf> wifi_supplicant: wpa_supplicant initialized[00:00:08.774,597] <inf> wifi_mgmt_ext: Connection requested[00:00:13.025,573] <inf> aws_iot_sample: Network connectivity established[00:00:18.025,665] <inf> aws_iot_sample: Connecting to AWS IoT[00:00:25.932,891] <err> mqtt_helper: mqtt_connect, error: -22[00:00:25.932,922] <err> aws_iot: mqtt_helper_connect, error: -22[00:00:25.932,922] <err> aws_iot_sample: aws_iot_connect, error: -22[00:00:25.932,922] <err> aws_iot_sample: Fatal error! Rebooting the device.
Terminal
This error is because we have not yet set up the Thing and its certificates.
4. Add an IoT Device (Thing) to AWS and generate certificates for it.
4.1 We will still stay on the IoT Core page. In the left-hand menu, select All Devices -> Things (1). Then select Create Things (2).
Select Create single Thing, then next. On the next page, enter a name. For example, academy_thing.
We do not need any of the optional configurations for this exercise. For this exercise, we select Unnamed shadow for the Device Shadow. Click next again. On the next page, Auto-generate a new certificate (recommended) is already selected by default. We also want this, so just click next once more.
The next page will be for selecting a policy, but we have no policy for our Thing yet. Click Create Policy to open a new tab to create a policy. In the new tab, choose a policy name, for example, academy_policy. Below, for the Policy Document select JSON. Remove the default JSON text from the box.
Important
This policy example is only intended for development environments. Make sure to update this to a more restrictive policy before you go into production. For more information, refer to the example policies listed in AWS IoT Core policy examples and Security best practices in AWS IoT Core.
Go back to the Select Policy page we were at, and now the new policy should be visible. Select the policy, for example academy_policy. Then click Create thing . This will open a window where we can download keys and certificates from. Make sure to download these. We should download 4 files: Device certificate (XXXX-certificate.pem.crt), Public key file, Private key file and RSA 2048 bit key: Amazon Root CA 1. We choose CA1 as we will use RSA2048 for HTTPS. After we have checked that the files were successfully downloaded, click done. We now should be able to see the new Thing in our list of Things:
4.2 Add AWS Thing name to the prj.conf file
Now that we have created a name for the Thing, we can configure it to the project:
Copy
# STEP 4.2 - Add AWS Thing name CONFIG_AWS_IOT_CLIENT_ID_STATIC="academy_thing"
Kconfig
Next up, we will add the certificates to our application. In our certs folder, we have three cert files that need to be set: ca-cert.pem, client-cert.pem and private-key.pem. These match our downloaded certs as such:
ca-cert.pem < – > AmazonRootCA1.pem
client-cert.pem < – > XXXX-certificate.pem.crt
private-key.pem < – > XXXX-private.pem.key
Then copy the content into the corresponding certificate files, replacing the dummy certs.
With the Thing name configured and the certificates set, build and flash with erase board option the nRF7002 DK. We should now see the following logs:
*** Booting nRF Connect SDK 2.6.1-3758bcbfa5cd ***[00:00:00.236,022] <inf> aws_iot_sample: AWS IoT sample started, version: v1.0.0[00:00:00.236,022] <inf> aws_iot_sample: Bringing network interface up and connecting to the network[00:00:07.829,193] <inf> aws_iot_sample: Network connectivity established[00:00:12.829,284] <inf> aws_iot_sample: Connecting to AWS IoT[00:00:12.829,315] <inf> aws_iot_sample: Next connection retry in 30 seconds[00:00:12.829,376] <inf> aws_iot_sample: AWS_IOT_EVT_CONNECTING[00:00:16.560,211] <inf> aws_iot_sample: AWS_IOT_EVT_CONNECTED[00:00:16.560,241] <inf> aws_iot_sample: Confirming image[00:00:16.562,255] <inf> aws_iot_sample: Publishing message: {"state":{"reported":{"uptime":16562,"app_version":"v1.0.0"}}} to AWS IoT shadow[00:00:16.716,949] <inf> aws_iot_sample: AWS_IOT_EVT_READY[00:00:16.762,329] <inf> aws_iot_sample: AWS_IOT_EVT_PUBACK, message ID: 20926[00:00:16.836,425] <inf> aws_iot_sample: AWS_IOT_EVT_DATA_RECEIVED[00:00:16.836,547] <inf> aws_iot_sample: Received message: "{"state":{"desired":{"welcome":"aws-iot"},"reported":{"welcome":"aws-iot","uptime":16562,"app_version":"v1.0.0"}},"metadata":{"desired":{"welcome":{"timestamp":1700036251}},"reported":{"welcome":{"timestamp":1700036251},"uptime":{"timestamp":1700044246},"app_version":{"timestamp":1700044246}}},"version":51,"timestamp":1700044246}" on topic: "$aws/things/academy_thing/shadow/get/accepted"
Terminal
Note
This exercise could be performed on the nRF91 Series. Then we can use cellular network instead of Wi-Fi.
In that case certificate provisioning would be different for the nRF91 Series devices, as it stores certificates in its modem and you should use AWS IoT Sample for the instruction.
5. Perform FOTA with AWS IoT Core.
Now that we have successfully connected the nRF7002 DK to AWS IoT Core, we can do FOTA with it.
For these steps, our documentation instructs on how to use the GUI.
5.1 To enable AWS FOTA in the application, set the following configurations in prj.conf file
The tag is set to 201, because the project is configured with CONFIG_MQTT_HELPER_SEC_TAG=201, so we use the same certs for FOTA.
Note
CONFIG_AWS_FOTA_DOWNLOAD_SECURITY_SEC_TAG and CONFIG_MQTT_HELPER_SEC_TAGare identification numbers for our set of keys (we can have more than one set). These could be random numbers as long as they are the same for both attributes.
5.2 Build and flash the application again.
5.3 Change something in src/main.c, for example a print statement. We do this so we can see something change when we update the device. MCUboot will not swap if the firmware update is identical, either. Also inrement the AWS IoT sample version:
5.4 Build the application again, but do not flash it to the board.
5.5 Follow the steps documented in AWS FOTA: Creating a FOTA job. After clicking Submit, we can observe in the logs that the FOTA has started downloading.
When the download is complete, the sample will automatically tag the mcuboot_secondary as “test” and restart the nRF7002 DK. Then the new image will swap into mcuboot_primary and boot the new application, which will be confirmed as well.
The solution for this exercise can be found in the GitHub repository in l9/l9_e7_sol.
v3.0.0
As with the previous exercise, we will use a sample for a nRF Connect SDK cloud library, and learn how it can be used for FOTA. Specifically, we will learn how to use AWS to do FOTA over Wi-Fi for a nRF7002DK. The exercise code is based on the AWS IoT Sample. Since the AWS IoT library in the nRF Connect SDK does have automatic FOTA support, we will not need to implement much in our application to handle the FOTA.
The goal of the FOTA procedure is to transfer the app_update.bin file from the cloud to the mcuboot_secondary memory partition in the nRF7002 DK. After that is done, MCUboot will swap the image as normal.
Exercise steps
Open the code base of the exercise by navigating to Create a new application in the nRF Connect for VS Code extension, select Copy a sample, and search for Lesson 8 – Exercise 5.
Alternatively, in the GitHub repository for this course, go to the base code for this exercise, found in l8/l8_e5 or l8/v2.5.x/l8_e5.
Note
There exists two code bases for this exercise.
nRF Connect SDK v2.6.x: l8/l8_e5.
nRF Connect SDK v2.5.x: l8/v2.5.x/l8_e5.
1. Configure the Wi-Fi credentials.
First, we have to connect the nRF7002 DK to the Wi-Fi. Please fill out the SSID and password of your local Wi-Fi access point.
Add the following code snippet to the boards/nrf7002dk_nrf5340_cpuapp.conf file.
1.1 Build the project and flash it to the nRF7002 DK (nrf7002dk_nrf5340_cpuapp).
You should see the following log when the device has connected to the Wi-Fi.
Note
The getaddrinfo error is because we have the wrong address for the AWS cloud IoT server. To get the correct address, we must first set up an AWS IoT Hub.
*** Booting nRF Connect SDK v2.9.0-7787b2649840 ****** Using Zephyr OS v3.7.99-1f8f3dc29142 ***[00:00:00.214,538] <inf> aws_iot_sample: The AWS IoT sample started, version: v1.0.0[00:00:00.214,538] <inf> aws_iot_sample: Bringing network interface up and connecting to the network[00:00:00.216,949] <inf> wifi_supplicant: wpa_supplicant initialized[00:00:08.871,582] <inf> wifi_mgmt_ext: Connection requested[00:00:13.119,873] <inf> aws_iot_sample: Network connectivity established[00:00:18.119,964] <inf> aws_iot_sample: Connecting to AWS IoT[00:00:18.209,411] <err> mqtt_helper: getaddrinfo() failed, error -5[00:00:18.209,442] <err> aws_iot: mqtt_helper_connect, error: 5[00:00:18.209,442] <err> aws_iot_sample: aws_iot_connect, error: 5[00:00:18.209,442] <err> aws_iot_sample: Fatal error! Rebooting the device.
Terminal
2. Set up an AWS IoT Hub.
There are two ways to interact with AWS:
Using the aws iot command line tool
Using the AWS web-page interface
Our AWS IoT: Setup and configuration docs give instructions to aws iot. We will give steps on how to set up AWS IoT from the AWS web-page interface here.
2.1 First, create an account at https://aws.amazon.com/. For development, We suggest the same settings from our docs: For development purposes, the AWS managed policies AWSIoTConfigAccess and AWSIoTDataAccess provide sufficient permissions to manage AWS IoT. If you want to use AWS FOTA, the AmazonS3FullAccess policy can be used to obtain access to AWS S3.
3. Input the correct address for our device to connect to.
3.2 In the left menu, scroll down and select Domain Configurations (1). Copy the Domain name (2) and paste it to CONFIG_AWS_IOT_BROKER_HOST_NAME.
Now, we should no longer get the address error, but see that we get error -22 from MQTT:
*** Booting nRF Connect SDK v2.9.0-7787b2649840 ****** Using Zephyr OS v3.7.99-1f8f3dc29142 ***[00:00:00.216,522] <inf> aws_iot_sample: The AWS IoT sample started, version: v1.0.0[00:00:00.216,552] <inf> aws_iot_sample: Bringing network interface up and connecting to the network[00:00:00.218,933] <inf> wifi_supplicant: wpa_supplicant initialized[00:00:08.774,597] <inf> wifi_mgmt_ext: Connection requested[00:00:13.025,573] <inf> aws_iot_sample: Network connectivity established[00:00:18.025,665] <inf> aws_iot_sample: Connecting to AWS IoT[00:00:25.932,891] <err> mqtt_helper: mqtt_connect, error: -22[00:00:25.932,922] <err> aws_iot: mqtt_helper_connect, error: -22[00:00:25.932,922] <err> aws_iot_sample: aws_iot_connect, error: -22[00:00:25.932,922] <err> aws_iot_sample: Fatal error! Rebooting the device.
Terminal
This error is because we have not yet set up the Thing and its certificates.
4. Add an IoT Device (Thing) to AWS and generate certificates for it.
4.1 We will still stay on the IoT Core page. In the left-hand menu, select All Devices -> Things (1). Then select Create Things (2).
Select Create single Thing, then next. On the next page, enter a name. For example, academy_thing. We do not need any of the optional configurations for this exercise. For this exercise, we select Unnamed shadow for the Device Shadow. Click next again. On the next page, Auto-generate a new certificate (recommended) is already selected by default. We also want this, so just click next once more.
The next page will be for selecting a policy, but we have no policy for our Thing yet. Click Create Policy to open a new tab to create a policy. In the new tab, choose a policy name, for example, academy_policy. Below, for the Policy Document select JSON. Remove the default JSON text from the box. Then copy the JSON from AWS IoT setup: 3. Creating a policy and insert it to the page.
Go back to the Select Policy page we were at, and now the new policy should be visible. Select the policy, for example academy_policy. Then clock Create thing . This will open a window where we can download keys and certificates from. Make sure to download these. We should download 4 files: Device certificate, Public key file, Private key file and RSA 2048 bit key: Amazon Root CA 1. We choose CA1 as we will use RSA2048 for HTTPS. After we have checked that the files were successfully downloaded, click done. We now should be able to see the new Thing in our list of Things:
4.2 Now that we have created a name for the Thing, we can configure it to the project:
Copy
CONFIG_AWS_IOT_CLIENT_ID_STATIC="academy_thing"
Kconfig
Next up, we will add the certificates to our application. In our certs folder, we have three cert files that need to be set: ca-cert.pem, client-cert.pem and private-key.pem. These match our downloaded certs as such:
AmazonRootCA1.pem -> ca-cert.pem
XXXX-certificate.pem.crt -> client-cert.pem
XXXX-private.pem.key -> private-key.pem
Move the downloaded certificates into the certs/ folder, and rename them to overwrite the dummy certificates.
With the Thing name configured and the certificates set, build and flash the nRF7002 DK. We should now see the following logs:
*** Booting nRF Connect SDK 2.6.1-3758bcbfa5cd ***[00:00:00.236,022] <inf> aws_iot_sample: AWS IoT sample started, version: v1.0.0[00:00:00.236,022] <inf> aws_iot_sample: Bringing network interface up and connecting to the network[00:00:07.829,193] <inf> aws_iot_sample: Network connectivity established[00:00:12.829,284] <inf> aws_iot_sample: Connecting to AWS IoT[00:00:12.829,315] <inf> aws_iot_sample: Next connection retry in 30 seconds[00:00:12.829,376] <inf> aws_iot_sample: AWS_IOT_EVT_CONNECTING[00:00:16.560,211] <inf> aws_iot_sample: AWS_IOT_EVT_CONNECTED[00:00:16.560,241] <inf> aws_iot_sample: Confirming image[00:00:16.562,255] <inf> aws_iot_sample: Publishing message: {"state":{"reported":{"uptime":16562,"app_version":"v1.0.0"}}} to AWS IoT shadow[00:00:16.716,949] <inf> aws_iot_sample: AWS_IOT_EVT_READY[00:00:16.762,329] <inf> aws_iot_sample: AWS_IOT_EVT_PUBACK, message ID: 20926[00:00:16.836,425] <inf> aws_iot_sample: AWS_IOT_EVT_DATA_RECEIVED[00:00:16.836,547] <inf> aws_iot_sample: Received message: "{"state":{"desired":{"welcome":"aws-iot"},"reported":{"welcome":"aws-iot","uptime":16562,"app_version":"v1.0.0"}},"metadata":{"desired":{"welcome":{"timestamp":1700036251}},"reported":{"welcome":{"timestamp":1700036251},"uptime":{"timestamp":1700044246},"app_version":{"timestamp":1700044246}}},"version":51,"timestamp":1700044246}" on topic: "$aws/things/academy_thing/shadow/get/accepted"
Terminal
Note
The certificate provisioning would be different for the nRF91 Series devices, as it stores certificates in its modem.
5. Now that we have successfully connected the nRF7002 DK to AWS IoT Core, we can do FOTA with it.
For these steps, our documentation instructs on how to use the GUI.
5.1 To enable AWS FOTA in the application, set the following configurations in boards/nrf7002dk_nrf5340_cpuapp_ns.conf file
The tag is set to 201, because the project is configured with CONFIG_MQTT_HELPER_SEC_TAG=201, so we use the same certs for FOTA.
5.2 Build and flash the application again.
5.3 Change something in src/main.c, for example a print statement. We do this so we can see something change when we update the device. MCUboot will not swap if the firmware update is identical, either.
5.4 Build the application again, but do not flash it to the board.
5.5 Follow the steps documented in AWS FOTA: Creating a FOTA job. After clicking Submit, we can observe in the logs that the FOTA has started downloading.
When the download is complete, the sample will automatically tag the mcuboot_secondary as “test” and restart the nRF7002 DK. Then the new image will swap into mcuboot_primary and boot the new application, which will be confirmed as well. This exercise ends now, but if you want, you can try to find the callback signaling that the FOTA is done, and see what it does.
The solution for this exercise can be found in the GitHub repository, l8/l8_e5_sol or l8/v2.5.x/l8_e5_sol.
Nordic Developer Academy Privacy Policy
1. Introduction
In this Privacy Policy you will find information on Nordic Semiconductor ASA (“Nordic Semiconductor”) processes your personal data when you use the Nordic Developer Academy.
References to “we” and “us” in this document refers to Nordic Semiconductor.
2. Our processing of personal data when you use the Nordic Developer Academy
2.1 Nordic Developer Academy
Nordic Semiconductor processes personal data in order to provide you with the features and functionality of the Nordic Developer Academy. Creating a user account is optional, but required if you want to track you progress and view your completed courses and obtained certificates. If you choose to create a user account, we will process the following categories of personal data:
Email
Name
Password (encrypted)
Course progression (e.g. which course you have completely or partly completed)
Certificate information, which consists of name of completed course and the validity of the certificate
Course results
During your use of the Nordic Developer Academy, you may also be asked if you want to provide feedback. If you choose to respond to any such surveys, we will also process the personal data in your responses in that survey.
The legal basis for this processing is GDPR article 6 (1) b. The processing is necessary for Nordic Semiconductor to provide the Nordic Developer Academy under the Terms of Service.
2.2 Analytics
If you consent to analytics, Nordic Semiconductor will use Google Analytics to obtain statistics about how the Nordic Developer Academy is used. This includes collecting information on for example what pages are viewed, the duration of the visit, the way in which the pages are maneuvered, what links are clicked, technical information about your equipment. The information is used to learn how Nordic Developer Academy is used and how the user experience can be further developed.
2.2 Newsletter
You can consent to receive newsletters from Nordic from within the Nordic Developer Academy. How your personal data is processed when you sign up for our newsletters is described in the Nordic Semiconductor Privacy Policy.
3. Retention period
We will store your personal data for as long you use the Nordic Developer Academy. If our systems register that you have not used your account for 36 months, your account will be deleted.
4. Additional information
Additional information on how we process personal data can be found in the Nordic Semiconductor Privacy Policy and Cookie Policy.
Nordic Developer Academy Terms of Service
1. Introduction
These terms and conditions (“Terms of Use”) apply to the use of the Nordic Developer Academy, provided by Nordic Semiconductor ASA, org. nr. 966 011 726, a public limited liability company registered in Norway (“Nordic Semiconductor”).
Nordic Developer Academy allows the user to take technical courses related to Nordic Semiconductor products, software and services, and obtain a certificate certifying completion of these courses. By completing the registration process for the Nordic Developer Academy, you are agreeing to be bound by these Terms of Use.
These Terms of Use are applicable as long as you have a user account giving you access to Nordic Developer Academy.
2. Access to and use of Nordic Developer Academy
Upon acceptance of these Terms of Use you are granted a non-exclusive right of access to, and use of Nordic Developer Academy, as it is provided to you at any time. Nordic Semiconductor provides Nordic Developer Academy to you free of charge, subject to the provisions of these Terms of Use and the Nordic Developer Academy Privacy Policy.
To access select features of Nordic Developer Academy, you need to create a user account. You are solely responsible for the security associated with your user account, including always keeping your login details safe.
You will able to receive an electronic certificate from Nordic Developer Academy upon completion of courses. By issuing you such a certificate, Nordic Semiconductor certifies that you have completed the applicable course, but does not provide any further warrants or endorsements for any particular skills or professional qualifications.
Nordic Semiconductor will continuously develop Nordic Developer Academy with new features and functionality, but reserves the right to remove or alter any existing functions without notice.
3. Acceptable use
You undertake that you will use Nordic Developer Academy in accordance with applicable law and regulations, and in accordance with these Terms of Use. You must not modify, adapt, or hack Nordic Developer Academy or modify another website so as to falsely imply that it is associated with Nordic Developer Academy, Nordic Semiconductor, or any other Nordic Semiconductor product, software or service.
You agree not to reproduce, duplicate, copy, sell, resell or in any other way exploit any portion of Nordic Developer Academy, use of Nordic Developer Academy, or access to Nordic Developer Academy without the express written permission by Nordic Semiconductor. You must not upload, post, host, or transmit unsolicited email, SMS, or \”spam\” messages.
You are responsible for ensuring that the information you post and the content you share does not;
contain false, misleading or otherwise erroneous information
infringe someone else’s copyrights or other intellectual property rights
contain sensitive personal data or
contain information that might be received as offensive or insulting.
Such information may be removed without prior notice.
Nordic Semiconductor reserves the right to at any time determine whether a use of Nordic Developer Academy is in violation of its requirements for acceptable use.
Violation of the at any time applicable requirements for acceptable use may result in termination of your account. We will take reasonable steps to notify you and state the reason for termination in such cases.
4. Routines for planned maintenance
Certain types of maintenance may imply a stop or reduction in availability of Nordic Developer Academy. Nordic Semiconductor does not warrant any level of service availability but will provide its best effort to limit the impact of any planned maintenance on the availability of Nordic Developer Academy.
5. Intellectual property rights
Nordic Semiconductor retains all rights to all elements of Nordic Developer Academy. This includes, but is not limited to, the concept, design, trademarks, know-how, trade secrets, copyrights and all other intellectual property rights.
Nordic Semiconductor receives all rights to all content uploaded or created in Nordic Developer Academy. You do not receive any license or usage rights to Nordic Developer Academy beyond what is explicitly stated in this Agreement.
6. Liability and damages
Nothing within these Terms of Use is intended to limit your statutory data privacy rights as a data subject, as described in the Nordic Developer Academy Privacy Policy. You acknowledge that errors might occur from time to time and waive any right to claim for compensation as a result of errors in Nordic Developer Academy. When an error occurs, you shall notify Nordic Semiconductor of the error and provide a description of the error situation.
You agree to indemnify Nordic Semiconductor for any loss, including indirect loss, arising out of or in connection with your use of Nordic Developer Academy or violations of these Terms of Use. Nordic Semiconductor shall not be held liable for, and does not warrant that (i) Nordic Developer Academy will meet your specific requirements, (ii) Nordic Developer Academy will be uninterrupted, timely, secure, or error-free, (iii) the results that may be obtained from the use of Nordic Developer Academy will be accurate or reliable, (iv) the quality of any products, services, information, or other material purchased or obtained by you through Nordic Developer Academy will meet your expectations, or that (v) any errors in Nordic Developer Academy will be corrected.
You accept that this is a service provided to you without any payment and hence you accept that Nordic Semiconductor will not be held responsible, or liable, for any breaches of these Terms of Use or any loss connected to your use of Nordic Developer Academy. Unless otherwise follows from mandatory law, Nordic Semiconductor will not accept any such responsibility or liability.
7. Change of terms
Nordic Semiconductor may update and change the Terms of Use from time to time. Nordic Semiconductor will seek to notify you about significant changes before such changes come into force and give you a possibility to evaluate the effects of proposed changes. Continued use of Nordic Developer Academy after any such changes shall constitute your acceptance of such changes. You can review the current version of the Terms of Use at any time at https://academy.nordicsemi.com/terms-of-service/
8. Transfer of rights
Nordic Semiconductor is entitled to transfer its rights and obligation pursuant to these Terms of Use to a third party as part of a merger or acquisition process, or as a result of other organizational changes.
9. Third Party Services
To the extent Nordic Developer Academy facilitates access to services provided by a third party, you agree to comply with the terms governing such third party services. Nordic Semiconductor shall not be held liable for any errors, omissions, inaccuracies, etc. related to such third party services.
10. Dispute resolution
The Terms of Use and any other legally binding agreement between yourself and Nordic Semiconductor shall be subject to Norwegian law and Norwegian courts’ exclusive jurisdiction.
