This topic describes how to configure a device to connect to IoT Platform over an IPv6 network using the Message Queuing Telemetry Transport (MQTT) protocol. You can connect the device to IoT Platform in direct connection mode.
Limits
The MQTT channel over IPv6 is supported only in the China (Shanghai) region.
Connect a device to IoT Platform
- Download the root certificate for Transport Layer Security (TLS) encryption. For more information about how to use the root certificate, see CA Certificates.
- Develop the device client and configure the MQTT connection.
Use the device software development kit (SDK) provided by Alibaba Cloud to connect to IoT Platform. If you develop the device client on your own, see MQTT connection signature example for instructions on how to sign the connection.
The following table describes the required configurations.
Field Details Connection domain name and port The domain name is ipv6.itls.cn-shanghai.aliyuncs.comand the port is 1883.Variable header: Keep Alive The CONNECT instruction must include Keep Alive (keepalive interval). The keepalive interval must be between 30 and 1,200 seconds. If the interval is outside this range, IoT Platform rejects the connection. Set the value to 300 seconds or more. If the network is unstable, set a longer keepalive interval. MQTT CONNECT message parameters mqttClientId: clientId+"|securemode=2,signmethod=hmacsha1,timestamp=132323232|" mqttUsername: deviceName+"&"+productKey mqttPassword: sign_hmac(deviceSecret,content)mqttPassword: To generate the signature, sort the parameters that you submit to the server in alphabetical order. Then, sign the parameters based on the specified `signmethod`.
The value of content is generated by sorting the ProductKey, DeviceName, timestamp, and clientId parameters alphabetically, and then concatenating their values in that order.
- clientId: The client ID. Use the MAC address or serial number (SN) of the device as the client ID. The ID can be up to 64 characters in length.
- timestamp: The current time in milliseconds. This parameter is optional.
- mqttClientId: In the format, the content between
||specifies the extension parameters. - signmethod: The signature algorithm. Valid values: hmacmd5, hmacsha1, and hmacsha256. The default value is hmacmd5.
- securemode: The safe mode. Set the value to 2, which indicates the TLS direct connection mode.
Example:
Assume that
clientId = 12345, deviceName = device, productKey = pk, timestamp = 789, signmethod=hmacsha1, and deviceSecret=secret. The parameters that are submitted to MQTT over TLS are as follows:mqttclientId=12345|securemode=2,signmethod=hmacsha1,timestamp=789| mqttUsername=device&pk mqttPassword=hmacsha1("secret","clientId12345deviceNamedeviceproductKeypktimestamp789").toHexString();The encrypted password is a hexadecimal string converted from a binary value. An example of the result is as follows:
FAFD82A3D602B37FB0FA8B7892F24A477F85****