Rainmaker+Matter with private Rainmaker instance

[ngorgi]

I'm having an issue getting the matter_light example project (Rainmaker + Matter) onto our private Rainmaker cloud instance. I can do it just fine with the led_light project in the Rainmaker examples, but I'm having issues when it comes to doing the same with the matter_light example. Can someone take a look at my workflows and telling me where I'm going wrong?


First, I generate device certificates using rainmaker_admin_cli.py and register the certificates with our private Rainmaker cloud instance.

In the led_light Rainmaker example, I do the following:

In idf.py menuconfig's Rainmaker submenu, I configure it as
Use self claiming
Read MQTT Host from ESP_RMAKER_MQTT_HOST
Read Node ID from device certificate
Custom URL entered as MQTT host

Then I...
1. Erase flash
2. Flash certificate generated from rainmaker_admin_cli.py to 0x340000
3. Build flash monitor

The node appears on private cloud, meaning everything worked successfully.




For the matter_light example, I generate factory nvs binary using the Matter mfg_tool.py, making sure to embed our server's URL into the master.csv file. Then, I configure the matter_light project using idf.py menuconfig Rainmaker submenu as follows.

Do not use claiming
Read MQTT Host from ESP_RMAKER_MQTT_HOST
Read Node ID from device certificate
Custom URL entered as MQTT host
PKI access method -> esp secure cert manager

Then, I do the following:
1. Erase flash
2. Flash Rainmaker certificate to 0x340000
3. Flash Matter certificate to 0x3e0000
4. Perform Matter claiming with ./rainmaker.py claim --matter /dev/ttyUSB0
5. idf.py build flash monitor

Everything boots up and the node tries to connect to the private Rainmaker instance, but the connection is rejected because the Node ID that's display IS NOT what was in the Rainmaker certificate that was flashed.

Also, if I change the PKI Access Method to "Use NVS", I instead get the following error and the device goes into a boot loop.

E (1848) esp_rmaker_core: Failed to get device certificate.
E (1858) esp_rmaker_core: Failed to initialise Node Id. Please perform "claiming" using RainMaker CLI.
E (1868) app_main: Could not initialise node.



So basically, my question is how do I flash a Rainmaker certificate to a node running the Matter+Rainmaker demo such that it can connect to our private Rainmaker cloud instance?

[ESP_Piyush]

For regular led_light example with credentials generated using admin CLI
- You should disable claiming (even if not, the credentials will be read from the fctry nvs binary, not via claiming). References can be found in the customer docs.
- Read MQTT Host from ESP_RMAKER_MQTT_HOST, Read Node ID from device certificate, Custom URL entered as MQTT host : These were not really required, since by default, the MQTT host will be read from fctry nvs, which would already be set to your deployment via admin CLI. Even though "Read Node ID from device certificate" is fine, the node id in nvs will also be the same in this case

For RainMaker + Matter, please follow the Manufacturing Considerations. Even in this case, since you have included your MQTT url in master.csv, it will be available in NVS and no need to override using "Read MQTT Host from ESP_RMAKER_MQTT_HOST". Moreover, you can see in the instructions in Matter DAC section that the secure cert binary is to be flashed at 0xd000 and the other binary at 0x3e0000. Please correct those addresses.