diff --git a/neco b/neco new file mode 100644 index 0000000..3aca074 --- /dev/null +++ b/neco @@ -0,0 +1,73 @@ +send_at("ATE0") +send_at("AT") +# reboot and wait +send_at("AT+CREBOOT") +print("rebooting... please wait") +failed = True +for i in range(1,10): + if send_at("ATE0", "OK", timeout=3): + failed = False + break + send_at("AT") +if failed: + print("failed to reboot") + exit() +# set as verbose +send_at("AT+CMEE=2") +# sim and rf status check +send_at("AT+CPIN?") +send_at("AT+CSQ") +# manual APN conf +send_at("AT+CFUN=0") +send_at("AT+CGDCONT=1,\"IP\",\"m2m.public.cz\"") +send_at("AT+CFUN=1") +send_at("AT+CGATT?") +send_at("AT+CGNAPN") +send_at("AT+CNCFG=0,1,\"m2m.public.cz\"") +# APN check +send_at("AT+CGNAPN") +# activate apn/pdp# +send_at("AT+CNACT=0,1") +send_at("AT+CNACT?") +# synch UTC +send_at(f'AT+CNTP="{NTP_SERVER}",2,0,2') +time.sleep(12) +send_at("AT+CNTP") +send_at("AT+CCLK?") +# file system init +send_at("AT+CFSINIT") +# upload ca certificate +with open(CA_LOCAL_PATH, "rb") as f: + data = f.read() +cert_len = len(data) +send_at(f'AT+CFSWFILE=1,"{CA_FILENAME}",0,{cert_len},10000', "DOWNLOAD") +time.sleep(1) +print(ser.read_all().decode()) +ser.write(data) +send_at("AT+CFSTERM") +# setup mqtt with ssl +send_at(f'AT+SMCONF="URL","{EMQX_HOST}","{EMQX_PORT}"') +send_at("AT+SMCONF=\"KEEPTIME\",60") +send_at("AT+SMCONF=\"CLEANSS\",1") +send_at(f'AT+SMCONF="CLIENTID","{MQTT_CLIENT_ID}"') +send_at('AT+SMCONF="QOS",1') +send_at("AT+SMCONF?") +# set tls version to 1.2, ignore rtc time and set cipher. then check it +send_at('AT+CSSLCFG="sslversion",1,3') +send_at('AT+CSSLCFG="IGNORERTCTIME",1,1') +send_at('AT+CSSLCFG=“CIPHERSUITE”,1,0,0x0035') +send_at('AT+CSSLCFG=“CIPHERSUITE”,1,1,0x002F') +send_at("AT+CSSLCFG?") +time.sleep(10) +# convert and use uploaded certificate +send_at(f'AT+CSSLCFG="CONVERT",2,"{CA_FILENAME}"') +send_at(f'AT+SMSSL=2,"{CA_FILENAME}",""') # no idea how to CHOOSE the certificte +send_at("AT+SMSSL?") +# try to connect +if not send_at("AT+SMCONN", "OK", timeout=20): + print(" - FAILED to connect") +# disconnect/clean-up +send_at("AT+SMDISC") +send_at("AT+CNACT=0,0") + +ser.close() diff --git a/nic b/nic new file mode 100644 index 0000000..a51284f --- /dev/null +++ b/nic @@ -0,0 +1,77 @@ +#reboot +ATE0 +AT +AT+CREBOOT +ATE0 +AT +ATE0 +#set verbose +AT+CMEE=2 +# sim and rf checks +AT+CPIN? +AT+CSQ +#fs init +AT+CFSINIT +#upload ca cert +cacert +#convert ca cert and end uploading +AT+CSSLCFG="CONVERT",2,ca.pem +AT+CFSTERM +#manual APN conf +AT+CFUN=0 +AT+CGDCONT=$pdpcid$,"IP","m2m.public.cz" +AT+CFUN=1 +AT+CGATT? +AT+CGNAPN +AT+CNCFG=$pdpcid$,1,"m2m.public.cz" +#APN check +AT+CGNAPN +#activate APN/PDP +AT+CNACT=0,1 +AT+CNACT? +#synch UTC +AT+CNTP=$ntp_server$,2,0,2 +sleep 15 +AT+CNTP +AT+CCLK? + + + + +AT+SMCONF="CLIENTID","SIM7080" +AT+SMCONF="URL","[ID].s2.eu.hivemq.cloud",8883 +AT+SMCONF="USERNAME","[username]" +AT+SMCONF="PASSWORD","[password]" + +3) setting up SSL and connecting + +AT+CSSLCFG="sslversion",1,3 +// TLS 1.2 + +AT+CSSLCFG="SNI",1,"[ID].s2.eu.hivemq.cloud" +// The SNI option is available for the SIM7080 but I found examples of some other Simcom modules that only need to "enable" SNI". For my module I need to enter a server name, so I input the exact same URL as my cluster's including my ID, is that ok? + +AT+SMSSL=1,"isrgrootx1.pem","" +// first quotes are for the root CA - second quotes are for the .crt certificate and it should technically come with a private key, so I leave it empty since I couldn't convert the server certificate as such earlier... is that OK too? + +AT+SMCONN +// here I'm always getting +CME ERROR: operation not allowed + + + + Set a Ciphersuite on correct >ctxindex>, in my case is 1: + AT+CSSLCFG=“CIPHERSUITE”,1,0,0x0035 + AT+CSSLCFG=“CIPHERSUITE”,1,1,0x002F + I’ve added two ciphersuits 0 and 1 on just in case. + + Dissable clock checking on certificate, I don’t really know if it is mandatory + AT+CSSLCFG=“IGNORERTCTIME”,1,1 + + Check certificate, maybe don’t needed + AT+CSSLCFG? + + Set only root certificate: + AT+SMSSL=2,“isrgrootx1.pem”,“” + + Finally connect: + AT+SMCONN