Connect a PLC M262 with AWS (Amazon Web Services) or any other cloud service

ltorraka · ‎2022-05-24

Hello automation community, in the last days I have been trying to connect a PLC M262 to the amazon cloud (AWS) using the protocol MQTT.

I already have succes communicating the PLC M262 with a local server using Node Red via MQTT protocol. However when I try to connect directly to the cloud (AWS) it won't work.

Can someone help me! I will appreciate your help.

Regards.

SteveAndjic · ‎2022-06-30

Hello

When you are trying to connect are you using the MQTT client in the M262. If so what type of error are you getting?

To connect to AWS it will require you to have a current digital certificate. Same will be with AZURE and other cloud services. You will need to make sure the certificates are not sitting in the quarantine section of your PLC and copy them into the trusted section.

I have a few sample templates available also that can connect to Cloud services and MQTT brokers, but some will still require you to have the digital certificate.

If you like you can send me you email and I can email some How to's

Regards

Steve

ltorraka · ‎2022-07-13

Hi Steve,

I'm using the MQTT Handling Example and I enter the data to visu_main,

I'm using the TrustedOnly certificate verification (TLS) . I copy the certificates from AWS into the trusted section in the security screen. Also I copy the RootCA1, public and private key in the trusted section.

I need to know how to get the ip address from AWS to introduce it to the MQTT Client block or how to introduce the end point in the MQTT client block from AWS, an example in the next picture.

I believe that my problem is in the ip address, however AWS does not give me an Ip Address, instead an endpoint (URL).

Thank you for your help

Regards

Lennin.

SteveAndjic · ‎2022-07-13

Hi Lennin

You will need to use the DNS client in Machine Expert. Make sure you have the library loaded.

I have built one with structed Text but you can use the Function block version

My working DNS

// DNS CLIENT
fbDnsClient : TCPUDP.FB_DnsClient;
xEnableDnsClient : BOOL := TRUE;
xFirstCycle : BOOL := FALSE;
xExecuteDnsClient : BOOL := FALSE;
sDnsServerIpAdr : STRING(15) := '8.8.8.8';
uiDnsServerPort : UINT := 53;
sDomainName : STRING(255) := 'cnm-ih-na.azure-devices.net';
sIpAdrMapping : STRING(15);
dwDnsTTL : DWORD;

xExecuteDnsClient := xFirstCycle;
fbDnsClient
(
i_xEnable := xEnableDnsClient,
i_xExecute := xExecuteDnsClient,
i_sDnsServerIP := sDnsServerIpAdr,
i_uiDnsServerPort := uiDnsServerPort,
i_sDomainName := sDomainName
);

xFirstCycle := TRUE;

IF fbDnsClient.q_xDone THEN
xFirstCycle := FALSE;
xExecuteDnsClient := FALSE;
END_IF

IF fbDnsClient.q_xError THEN
xEnableDnsClient := FALSE;
ELSE
xEnableDnsClient := TRUE;
END_IF

sIpAdrMapping := fbDnsClient.q_astDnsAddressInfo[0].sIpAddress;
dwDnsTTL := fbDnsClient.q_astDnsAddressInfo[0].dwTTL;

This will resolve your URL and give you an IP address.

I also have a template for MQTT to cloud services with inbuilt DNS available if you need it but it doesn't use the example file you have used.

Regards

Steve

ltorraka · ‎2022-07-14

Hi Steve,

I really appreciate your help. I will follow the steps and let you know if it works. Can you send me the template for MQTT to cloud services with inbuilt DNS?

Here is my email: ltorraka@falconingenieria.com

Regards

Lennin

SteveAndjic · ‎2022-07-17

Hi Lennin

I have sent you an email with the template. AS mentioned in the email this template is used to connect to AZURE for our Machine Advisor platform.

You will only need to change your credentials to suit your login and the URL in the DNS client to resolve an IP. It will automatically load the IP into the MQTT client

Regards

Steve

Luke_ · ‎2022-11-22

Hi Steve,

Thank you for providing that information, would you mind also sending me a copy of that Azure template?

I have direct messaged you my email.

I would really appreciate it.

Thank you,

Luke.

SteveAndjic · ‎2022-11-22

Hi Luke

Email has been sent

regards

Steve

ksBOT · ‎2023-05-03

Hi,

Does this mean that you can connect and publish to server using Server certificate, cleint key and client certificate, or do you still rely on username/password?

Can you email your MQTT to cloud services template aswell?

email: ks@blueoceantechnology.no

For context:
I am using Machine Expert 2.0 SWP 1.
I have used the MQTT example from Schneider and modified it so that it does not require an IP address and accepts the server certificate and client certificate.
I do not know where to place the client key and the error message I get is "CertificateNoKey".

Best regards

Kristoffer

SteveAndjic · ‎2023-05-07

Hi Kristoffer

what MQTT port are you using? port 1883 or 8883?

Also you need to make sure your certificates are not getting quarantined. If so you will need to make them trusted in the PLC

Regards

Steve

ksBOT · ‎2023-05-07

Hi,

I am using port 8883 as this is specified by customer.

I have put the Server certificate in the Trusted folder and the client certificate in Own certificates folder.

no certificates in the quarantined folder.

I will try placing both certificates in trusted folder.
Client key is not accepted in any of these folders.

Best regards,

Kristoffer

SteveAndjic · ‎2023-05-07

Hi Kristoffer

I haven't played much with AWS but I dont think it would be much different to AZURE. The Client key needs to be authenticated in the MQTT credentials for the MQTT client.

You will need to create a variable that will allow you to enter the Client Key, or Client ID

Regards

Steve

aliyualhassan · ‎2023-05-22

I've been diving into the world of PLCs and cloud services myself, so I understand the excitement and challenges you're facing. Connecting a PLC M262 to AWS using MQTT sounds like an interesting project.
From your description, it seems like you've successfully connected the PLC M262 to a local server using Node Red and MQTT. However, when attempting a direct connection to AWS, you're facing some issues. It can be a bit tricky, but fear not!
One suggestion is to double-check your AWS setup, including the security groups, IAM roles, and MQTT configuration. It's also worth looking into AWS IoT Core, as it provides features specifically designed for IoT device connections.
By the way, since you're exploring AWS, I recently stumbled across some cool AWS certified courses online. They might come in handy for expanding your knowledge.