Dragino NB device connection to AWS platform instructions

= (% data-sider-select-id="01d9dce7-4047-4b71-a8e2-c5df7daa2d54" %)1. Log in to the platform and find IOT core(%%) =

5

6

7

= (% data-sider-select-id="4d2599c0-e2a9-4d10-8c01-c68a77c3b183" %)2. Create your own test policy(%%) =

8

9

(% data-sider-select-id="499b9594-5b20-42a9-b15b-21be5a1ef28e" %)

10

== (% data-sider-select-id="c0f85e83-53c9-450c-b4eb-457071bdfbf9" %)2.1 First click the policy on the left, enter the page and click Create policy(%%) ==

11

12

=== [[image:image-20240528172927-2.png||height="377" width="931"]] ===

13

14

15

== (% data-sider-select-id="02035a79-77c4-4edb-b132-61acdb529526" %)2.2 After filling in a policy name for testing, the policy will be displayed on the page(%%) ==

a. Fill in any name

b. Configure the policy you created

21

22

[[image:image-20240528173144-3.png||height="572" width="931"]]

23

24

25

c. After clicking to enter the policy configuration page, follow the clicking sequence below to go to the json configuration interface, and then fill in the following fields in the "statement" keyword:

26

27

(% data-sider-select-id="7bc0f6db-481d-435a-ad0c-92cf0ede3ea4" %)

28

(% data-sider-select-id="8026a4d9-df91-4895-b9c5-3d6ac9b46012" %)**{**

29

30

**~ "Version": "2012-10-17",**

**~ "Statement": [**

**~ {**

**~ "Effect": "Allow",**

**~ "Action": "",**

**~ "Resource": ""**

**~ }**

**~ ]**

**}**

[[image:image-20240528173203-4.png||height="517" width="942"]]

50

51

52

d. Create this policy

53

54

55

(% data-sider-select-id="21f75c89-756f-4f95-919d-30cc5cf86298" %)

56

= 3. Create a Things =

57

58

(% data-sider-select-id="1a295982-a5d4-4787-896b-ac87e2385b09" %)

59

== 3.1 Create a single Things ==

60

61

62

(% data-sider-select-id="b6a1852f-c446-4c98-a017-595ac62adc60" %)

63

~1. Select Create Things

64

65

[[image:image-20240528173244-5.png||height="329" width="932"]]

66

67

[[image:image-20240528173500-6.png||height="484" width="928"]]

68

69

70

(% data-sider-select-id="de8a3324-fa57-46eb-a85c-49eeea34baa5" %)

71

2. Fill in the name of the control item you want to create in the thing name column.

72

73

Use the default for other parameters

Then click Next.

[[image:image-20240528173754-7.png||height="712" width="781"]]

78

79

80

(% data-sider-select-id="fc59dc2d-1ed3-41f5-8482-8534342857a7" %)

81

3. Choose to automatically generate a new certificate

Then click Next

[[image:image-20240528173829-8.png||height="547" width="782"]]

86

87

88

(% data-sider-select-id="d2fd3708-ecaf-4479-b1eb-b5db28e1adb9" %)

89

4. The next step is to choose a strategy

90

91

Here you can choose a policy we created in the first step

92

93

[[image:image-20240528173851-9.png||height="580" width="785"]]

94

95

96

(% data-sider-select-id="2f8892b2-d89c-416e-a5e6-6f58bd557860" %)

97

5. When you click to create things, the certificate download page will pop up.

98

99

(% data-sider-select-id="398c8d35-75ff-4077-85bb-9e0377efa186" %)

100

(% data-sider-select-id="087aa6c7-c542-4afc-9ce6-291538c31764" %)**This certificate is very important.**(%%) After creating the device, you must download the certificate of the device so that our NB device can connect normally.

101

102

Please download all the following certificates and put them in a folder.

103

104

[[image:image-20240528173926-10.png]]

105

106

107

6. You can see the things you just created in the things

108

109

[[image:image-20240528173951-11.png||height="381" width="1089"]]

110

111

112

(% data-sider-select-id="3ba36b16-0696-40e7-88b5-2c533f73589a" %)

113

= (% data-sider-select-id="fc07fe98-6fd9-4d61-a991-8524b6097b3a" %)4. Connect to AWS using Dragino-NB device(%%) =

114

115

(% data-sider-select-id="582a7e84-a00a-4129-b71d-347a29aa5142" %)

116

== 4.1 Upgrade the firmware to configure TTS firmware to set the certificate ==

117

118

119

User can change device firmware to::

120

121

* Update with new features.

* Fix bugs.

Firmware and changelog can be downloaded from : **[[Set up TLS certificate - Dropbox>>url:https://www.dropbox.com/sh/sxrgszkac4ips0q/AAA7xVIHen982Nc0edNPaB-Wa/NB-IoT/Set%20up%20TLS%20certificate?dl=0&subfolder_nav_tracking=1||data-sider-select-id="830d1b64-cb24-48b3-91e4-49da5c3f0783"]]**

126

127

Methods to Update Firmware:

128

129

* (Recommended way) OTA firmware update via BLE: [[**Instruction**>>url:http://wiki.dragino.com/xwiki/bin/view/Main/BLE_Firmware_Update_NB_Sensors_BC660K-GL/]].

130

131

* Update through UART TTL interface : **[[Instruction>>url:http://wiki.dragino.com/xwiki/bin/view/Main/UART_Access_for_NB_ST_BC660K-GL/#H4.2UpdateFirmware28Assumethedevicealreadyhaveabootloader29]]**.

(% data-sider-select-id="954c6787-a52d-4862-805c-4afa47abd128" %)

136

== 4.2 Configure certificate ==

137

138

139

After upgrade the firmware, the serial port displays as follows：

140

141

(% data-sider-select-id="8b6a9e23-dec0-476c-acd4-098aa19fe1f3" %)

142

[[image:image-20240528174330-13.png||height="286" width="568"]]

143

144

145

(% data-sider-select-id="8b6a9e23-dec0-476c-acd4-098aa19fe1f3" %)

146

=== 4.2.1 Configure CA certificate ===

147

148

149

Please input the certificate in PEM format for the user.

150

151

Use the AT command AT+CACERT as follows:

152

153

AT+CACERT=~-~-~-~--BEGIN CERTIFICATE~-~-~-~--

154

155

MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF

156

157

ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6

158

159

b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL

160

161

MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv

162

163

b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj

164

165

ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM

166

167

9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw

168

169

IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6

170

171

VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L

172

173

93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm

174

175

jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC

176

177

AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA

178

179

A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI

180

181

U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs

182

183

N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv

184

185

o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU

186

187

5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy

188

189

rqXRfboQnoZsG4q5WTP468SQvvG5

190

191

~-~-~-~--END CERTIFICATE~-~-~-~--}

192

193

**Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.**

194

195

[[image:image-20240528174408-14.png]]

196

197

198

After successful execution, as shown in the following figure.

199

200

[[image:image-20240528174502-15.png]]

201

202

Display **"Successfully configured CA certificate."** If the configuration is successful, otherwise it is considered configuration failure.

203

204

205

(% data-sider-select-id="49618231-3f2d-4069-952f-8ca923909048" %)

206

=== 4.2.2 Configure client certificate ===

207

208

209

Use the AT command AT+CLICERT as follows：

210

211

AT+CLICERT=~-~-~-~--BEGIN CERTIFICATE~-~-~-~--

212

213

MIIDWTCCAkGgAwIBAgIUYSpJUzfb4NTa76JJxd2th0fZA8swDQYJKoZIhvcNAQEL

214

215

BQAwTTFLMEkGA1UECwxCQW1hem9uIFdlYiBTZXJ2aWNlcyBPPUFtYXpvbi5jb20g

216

217

SW5jLiBMPVNlYXR0bGUgU1Q9V2FzaGluZ3RvbiBDPVVTMB4XDTI0MDUyNDA4MDI0

218

219

NVoXDTQ5MTIzMTIzNTk1OVowHjEcMBoGA1UEAwwTQVdTIElvVCBDZXJ0aWZpY2F0

220

221

ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMTdc1GQLVBohAeCJD6n

222

223

6WTFAFrygTch90a5wUr2bhlVuDxvEhEKNcmu5vOCo5agmfLWb2VCxgezgvQOBYQ8

224

225

1oTqXJNdl4tS0DICfqb/ogVHWGHRao67XyhbPNBS0j/nCPTIIk6+/NBeYPOjaG+p

226

227

utfXE7SGIEcc3RevkYkUJx6y+WH7MLjj1mufuXBVWIL1RrfrIRPw6auVk7dhS5rU

228

229

NvYcJa7Qd6gpAh1DzPj7ZECrv7fEIIBDEsSYOy6ToWtzqGIVcIAHBDfORB0Hcm+N

230

231

7wG3KDf61P4aWkLlkP5pRUaUIQdVblxginmx2K3n8t/WP7QcfITa191rjEVVBXmk

232

233

ROsCAwEAAaNgMF4wHwYDVR0jBBgwFoAUs8Caohh1ZGP8kjSn3rtxJiJJ9IswHQYD

234

235

VR0OBBYEFCjwGwqD7FG9UCNm3wjFQX4HixzfMAwGA1UdEwEB/wQCMAAwDgYDVR0P

236

237

AQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQBgqI49a4PBQZYrFM63TX3EHgdd

238

239

N6Pj7AytjO+SrKNMCSo/OtIvhDTxOocr1vKrux1Tw5qmrllrIXLtlGtbmln5DS6a

240

241

DTCLrjwcIFIabLxpx5DPY1WSMYvL04SW7d4Y+3SxOFNRotDSiomr8eIIac0d3HE2

242

243

B5b0SnWZgWbrhjNUgvwo8l8tA9DOGIr2MeQ5kPjudOOiYSR3HC0v+jviBMV6VX8M

244

245

LHVH3CRshHDKBGpV1NZ1RAm9EY/oRGtSiMsyjRh6hegC0vehwVxaC4w9qG0ASkzz

246

247

42OOGfNqhYnYDiKTEIkazaoAFpTKDejWBaL7W5VpthUkQOl67IyX+ohuUKTo

248

249

~-~-~-~--END CERTIFICATE~-~-~-~--}

250

251

**Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.**

252

253

[[image:image-20240528174630-16.png||height="553" width="747"]]

254

255

Display **"Successfully configured client certificate."** Configuration successful, otherwise configuration failed.

256

257

258

(% data-sider-select-id="61ec994b-4a66-4db9-8b86-a401c99ba491" %)

259

=== 4.2.3 Configure client private key ===

260

261

262

Use the AT command AT+CLIKEY, as shown below

263

264

AT+CLIKEY=~-~-~-~--BEGIN RSA PRIVATE KEY~-~-~-~--

265

266

MIIEpAIBAAKCAQEAxN1zUZAtUGiEB4IkPqfpZMUAWvKBNyH3RrnBSvZuGVW4PG8S

267

268

EQo1ya7m84KjlqCZ8tZvZULGB7OC9A4FhDzWhOpck12Xi1LQMgJ+pv+iBUdYYdFq

269

270

jrtfKFs80FLSP+cI9MgiTr780F5g86Nob6m619cTtIYgRxzdF6+RiRQnHrL5Yfsw

271

272

uOPWa5+5cFVYgvVGt+shE/Dpq5WTt2FLmtQ29hwlrtB3qCkCHUPM+PtkQKu/t8Qg

273

274

gEMSxJg7LpOha3OoYhVwgAcEN85EHQdyb43vAbcoN/rU/hpaQuWQ/mlFRpQhB1Vu

275

276

XGCKebHYrefy39Y/tBx8hNrX3WuMRVUFeaRE6wIDAQABAoIBAFhAOcjvjBDGuaEw

277

278

CxV3al49HfqnSZuwg0xWSztSm2qKDcwxsnSnEhO2b1vsTW9h0YGV9Vv8gg/Dvkmv

279

280

23M7XqM4+IUraJsRZbl1etdcM4KQSCOZoF4Zyv+pXuq4pf31kQNCkHaikWzLUkUG

281

282

FPQxr0vA49mCYwfd/ZL3ppM/0IWmxRwloV1Gb9q8iDBUcJGSDokZnT7diUxzzOcd

283

284

+UJ6xUhFq1v46Y7vO+73XROLv34JEBC0bIw2ErL6+AbzhHwb2mkuSccG9Ks37g3Z

285

286

dyyjjj8hm1wvHWepuWqEssaiS3HD5zAsI0v85xS8RwNj3zLfd8o1WC666n3CO+ij

287

288

VdRmR4kCgYEA+/sEFxpfaRomqcLwJebZcZH06U1RfJFfnbH2/Q6fANf8zNxwWs9A

289

290

O+jyk/CLhHYRIk6VIOMQmWwEYgJ2eAHfw2Diwj4/0eqkGu+yZOS6KTCewxSV73vc

291

292

SvACramJy4y6yEgDN5onwR1XqfVMfA0LzTcSupHR/xvrpf/gCsNFPxUCgYEAyAFd

293

294

nMUhJFSq3pOogxA43aJSkA8YuDS3jpBkKQ6vx81APpIMabQauOxFDt488TZGP3Yy

295

296

lhpa/lfFIgu2K7CgV4dUp+JtJJoZ/F+ExxUUzdqB4zxzWywAcc3RebfwP6qASwFT

297

298

G3mXYci4tgNWR+k5CSsuLXDk/OT5uo5GeGAEc/8CgYEAk6V8uxDP8STKnNRFpN/E

299

300

b6CHciDE64m/DgbWY2cq0fK9BUjxaLRhvfj8EqVzCrWnyoNjLHcAJfW+B7PLuPvY

301

302

IoJlvE1/Vb/4UnQ7ApVnY3VCwaoRRNc9uIcz+pAJ1sRqOarAf9cLDkPkNwktvM5k

303

304

KOXpSnrhIms4w/bPT18l9xUCgYBsAMDKbXEuK0JyGw5+Z/4tQQCQpnZU0rLkm3ha

305

306

64FkxaORplBprEZZ4cyQ8NW78/EPSAadI/JLMp5TejuPcDvFyGCgoBcMEuNBc1tC

307

308

HlIzr3FAgl5Qt3wt+FTMA9YKq0nINxjn10s2FKwaLccj4f9YwiaXh0VAg22PnlDT

309

310

pBYDhQKBgQCMwyKXJ4zYiDRdvLvgKzeuKaU4KNQItHE4KORPfkecjPoENt4bKxDw

311

312

2EdNFQLIoqBHL1s+/8+SzhCI31V7pkTs1AqCxDExJS7+8Z5NQFQIo/jooUo0N80E

313

314

y3ZZS6OLOXXscEqhMogf1grfbabXM9OkgTIq43cPQHtMGQiFAtIJkg==

315

316

~-~-~-~--END RSA PRIVATE KEY~-~-~-~--}

317

318

**Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.**

319

320

[[image:image-20240528174702-17.png]]

321

322

Display** "Successfully configured client private key."** If the configuration is successful, otherwise it is considered configuration failure.

323

324

325

(% data-sider-select-id="6ba3fbe9-394a-47e2-8eca-715449162645" %)

326

=== 4.3.3 Re-upgrade the firmware ===

327

328

329

After the certificate configuration is completed, Re-upgrade to the firmware you originally used.

330

331

332

(% data-sider-select-id="d010cb3f-ad9a-4420-80d1-919b61731f41" %)

333

= 5. Configure draginoNB-device =

334

335

(% data-sider-select-id="8125b1b7-0428-410e-a7c1-261a468944de" %)

336

== 5.1 Configure the data format sent by the device ==

337

338

339

AT+PRO=3,5(Data is in Json format of MQTT)

340

341

342

(% data-sider-select-id="ba72cd93-5d23-47b8-8b69-2238e0b501ca" %)

343

== 5.2 Set server address ==

344

345

346

AT+SERVADDR=an5tk94sdgjat-ats.iot.us-east-1.amazonaws.com,8883

347

348

349

(% data-sider-select-id="7da97212-7298-43eb-b178-94231a3eb5d8" %)

350

== 5.3 Set up private and public topics ==

351

352

353

AWS does not limit topics, so you can set any topic

AT+SUBTOPIC=Any

AT+PUBTOPIC=Any

(% data-sider-select-id="a53f5c46-7530-440d-b29e-61a4eaafb709" %)

361

== 5.4 Set the TLS mode ==

AT+TLSMOD=1,2

To use the TLS mode certificate function, users need to configure the AT+TLSMOD command

367

368

AT+TLSMOD=1,0 No authentication

369

370

AT+TLSMOD=1,1 Perform server authentication

371

372

AT+TLSMOD=1,2 Perform server and client authentication if requested by the remote server.（In AWS we recommend using this mode）

Restart the device

(% data-sider-select-id="07128e51-24f8-40ff-b2a7-4a4de2346889" %)

379

= 6. View data on AWS =

380

381

(% data-sider-select-id="6c108d6d-db3d-4542-8193-c4c33c88bc41" %)

382

== 6.1 Find MQTT test client in test ==

383

384

385

In the fourth step, fill in the topics you subscribed to before

AT+PUBTOPIC=XXXX

If you forget your previous topic, you can fill in #,subscribe to all topics

390

391

[[image:image-20240528175111-18.png||height="409" width="1014"]]

392

393

394

(% data-sider-select-id="9c23abff-6a4a-4320-95a2-33c42eb296f3" %)

395

== (% data-sider-select-id="638ae5a9-ed23-43ff-bd61-b1c66e0d01d0" %)6.2 The data published information in Subscriptions(%%) ==

396

397

398

[[image:image-20240528175133-19.png||height="563" width="1022"]]

399

400

[[image:image-20240528175154-20.png||height="752" width="1042"]]

401

402

Wiki source code of Dragino NB device connection to AWS platform instructions

Applications

Navigation

author	version	line-number	content
		1	{{toc/}}
		2
		3
		4	= (% data-sider-select-id="01d9dce7-4047-4b71-a8e2-c5df7daa2d54" %)1. Log in to the platform and find IOT core(%%) =
		5
		6
		7	= (% data-sider-select-id="4d2599c0-e2a9-4d10-8c01-c68a77c3b183" %)2. Create your own test policy(%%) =
		8
		9	(% data-sider-select-id="499b9594-5b20-42a9-b15b-21be5a1ef28e" %)
		10	== (% data-sider-select-id="c0f85e83-53c9-450c-b4eb-457071bdfbf9" %)2.1 First click the policy on the left, enter the page and click Create policy(%%) ==
		11
		12	=== [[image:image-20240528172927-2.png\|\|height="377" width="931"]] ===
		13
		14
		15	== (% data-sider-select-id="02035a79-77c4-4edb-b132-61acdb529526" %)2.2 After filling in a policy name for testing, the policy will be displayed on the page(%%) ==
		16
		17
		18	a. Fill in any name
		19
		20	b. Configure the policy you created
		21
		22	[[image:image-20240528173144-3.png\|\|height="572" width="931"]]
		23
		24
		25	c. After clicking to enter the policy configuration page, follow the clicking sequence below to go to the json configuration interface, and then fill in the following fields in the "statement" keyword:
		26
		27	(% data-sider-select-id="7bc0f6db-481d-435a-ad0c-92cf0ede3ea4" %)
		28	(% data-sider-select-id="8026a4d9-df91-4895-b9c5-3d6ac9b46012" %){
		29
		30	~ "Version": "2012-10-17",
		31
		32	~ "Statement": [
		33
		34	~ {
		35
		36	~ "Effect": "Allow",
		37
		38	~ "Action": "",
		39
		40	~ "Resource": ""
		41
		42	~ }
		43
		44	~ ]
		45
		46	}
		47
		48
		49	[[image:image-20240528173203-4.png\|\|height="517" width="942"]]
		50
		51
		52	d. Create this policy
		53
		54
		55	(% data-sider-select-id="21f75c89-756f-4f95-919d-30cc5cf86298" %)
		56	= 3. Create a Things =
		57
		58	(% data-sider-select-id="1a295982-a5d4-4787-896b-ac87e2385b09" %)
		59	== 3.1 Create a single Things ==
		60
		61
		62	(% data-sider-select-id="b6a1852f-c446-4c98-a017-595ac62adc60" %)
		63	~1. Select Create Things
		64
		65	[[image:image-20240528173244-5.png\|\|height="329" width="932"]]
		66
		67	[[image:image-20240528173500-6.png\|\|height="484" width="928"]]
		68
		69
		70	(% data-sider-select-id="de8a3324-fa57-46eb-a85c-49eeea34baa5" %)
		71	2. Fill in the name of the control item you want to create in the thing name column.
		72
		73	Use the default for other parameters
		74
		75	Then click Next.
		76
		77	[[image:image-20240528173754-7.png\|\|height="712" width="781"]]
		78
		79
		80	(% data-sider-select-id="fc59dc2d-1ed3-41f5-8482-8534342857a7" %)
		81	3. Choose to automatically generate a new certificate
		82
		83	Then click Next
		84
		85	[[image:image-20240528173829-8.png\|\|height="547" width="782"]]
		86
		87
		88	(% data-sider-select-id="d2fd3708-ecaf-4479-b1eb-b5db28e1adb9" %)
		89	4. The next step is to choose a strategy
		90
		91	Here you can choose a policy we created in the first step
		92
		93	[[image:image-20240528173851-9.png\|\|height="580" width="785"]]
		94
		95
		96	(% data-sider-select-id="2f8892b2-d89c-416e-a5e6-6f58bd557860" %)
		97	5. When you click to create things, the certificate download page will pop up.
		98
		99	(% data-sider-select-id="398c8d35-75ff-4077-85bb-9e0377efa186" %)
		100	(% data-sider-select-id="087aa6c7-c542-4afc-9ce6-291538c31764" %)This certificate is very important.(%%) After creating the device, you must download the certificate of the device so that our NB device can connect normally.
		101
		102	Please download all the following certificates and put them in a folder.
		103
		104	[[image:image-20240528173926-10.png]]
		105
		106
		107	6. You can see the things you just created in the things
		108
		109	[[image:image-20240528173951-11.png\|\|height="381" width="1089"]]
		110
		111
		112	(% data-sider-select-id="3ba36b16-0696-40e7-88b5-2c533f73589a" %)
		113	= (% data-sider-select-id="fc07fe98-6fd9-4d61-a991-8524b6097b3a" %)4. Connect to AWS using Dragino-NB device(%%) =
		114
		115	(% data-sider-select-id="582a7e84-a00a-4129-b71d-347a29aa5142" %)
		116	== 4.1 Upgrade the firmware to configure TTS firmware to set the certificate ==
		117
		118
		119	User can change device firmware to::
		120
		121	* Update with new features.
		122
		123	* Fix bugs.
		124
		125	Firmware and changelog can be downloaded from : [[Set up TLS certificate - Dropbox>>url:https://www.dropbox.com/sh/sxrgszkac4ips0q/AAA7xVIHen982Nc0edNPaB-Wa/NB-IoT/Set%20up%20TLS%20certificate?dl=0&subfolder_nav_tracking=1\|\|data-sider-select-id="830d1b64-cb24-48b3-91e4-49da5c3f0783"]]
		126
		127	Methods to Update Firmware:
		128
		129	* (Recommended way) OTA firmware update via BLE: [[Instruction>>url:http://wiki.dragino.com/xwiki/bin/view/Main/BLE_Firmware_Update_NB_Sensors_BC660K-GL/]].
		130
		131	* Update through UART TTL interface : [[Instruction>>url:http://wiki.dragino.com/xwiki/bin/view/Main/UART_Access_for_NB_ST_BC660K-GL/#H4.2UpdateFirmware28Assumethedevicealreadyhaveabootloader29]].
		132
		133
		134
		135	(% data-sider-select-id="954c6787-a52d-4862-805c-4afa47abd128" %)
		136	== 4.2 Configure certificate ==
		137
		138
		139	After upgrade the firmware, the serial port displays as follows：
		140
		141	(% data-sider-select-id="8b6a9e23-dec0-476c-acd4-098aa19fe1f3" %)
		142	[[image:image-20240528174330-13.png\|\|height="286" width="568"]]
		143
		144
		145	(% data-sider-select-id="8b6a9e23-dec0-476c-acd4-098aa19fe1f3" %)
		146	=== 4.2.1 Configure CA certificate ===
		147
		148
		149	Please input the certificate in PEM format for the user.
		150
		151	Use the AT command AT+CACERT as follows:
		152
		153	AT+CACERT=~-~-~-~--BEGIN CERTIFICATE~-~-~-~--
		154
		155	MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF
		156
		157	ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
		158
		159	b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL
		160
		161	MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv
		162
		163	b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj
		164
		165	ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM
		166
		167	9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw
		168
		169	IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6
		170
		171	VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L
		172
		173	93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm
		174
		175	jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
		176
		177	AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA
		178
		179	A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI
		180
		181	U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs
		182
		183	N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv
		184
		185	o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU
		186
		187	5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy
		188
		189	rqXRfboQnoZsG4q5WTP468SQvvG5
		190
		191	~-~-~-~--END CERTIFICATE~-~-~-~--}
		192
		193	Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.
		194
		195	[[image:image-20240528174408-14.png]]
		196
		197
		198	After successful execution, as shown in the following figure.
		199
		200	[[image:image-20240528174502-15.png]]
		201
		202	Display "Successfully configured CA certificate." If the configuration is successful, otherwise it is considered configuration failure.
		203
		204
		205	(% data-sider-select-id="49618231-3f2d-4069-952f-8ca923909048" %)
		206	=== 4.2.2 Configure client certificate ===
		207
		208
		209	Use the AT command AT+CLICERT as follows：
		210
		211	AT+CLICERT=~-~-~-~--BEGIN CERTIFICATE~-~-~-~--
		212
		213	MIIDWTCCAkGgAwIBAgIUYSpJUzfb4NTa76JJxd2th0fZA8swDQYJKoZIhvcNAQEL
		214
		215	BQAwTTFLMEkGA1UECwxCQW1hem9uIFdlYiBTZXJ2aWNlcyBPPUFtYXpvbi5jb20g
		216
		217	SW5jLiBMPVNlYXR0bGUgU1Q9V2FzaGluZ3RvbiBDPVVTMB4XDTI0MDUyNDA4MDI0
		218
		219	NVoXDTQ5MTIzMTIzNTk1OVowHjEcMBoGA1UEAwwTQVdTIElvVCBDZXJ0aWZpY2F0
		220
		221	ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMTdc1GQLVBohAeCJD6n
		222
		223	6WTFAFrygTch90a5wUr2bhlVuDxvEhEKNcmu5vOCo5agmfLWb2VCxgezgvQOBYQ8
		224
		225	1oTqXJNdl4tS0DICfqb/ogVHWGHRao67XyhbPNBS0j/nCPTIIk6+/NBeYPOjaG+p
		226
		227	utfXE7SGIEcc3RevkYkUJx6y+WH7MLjj1mufuXBVWIL1RrfrIRPw6auVk7dhS5rU
		228
		229	NvYcJa7Qd6gpAh1DzPj7ZECrv7fEIIBDEsSYOy6ToWtzqGIVcIAHBDfORB0Hcm+N
		230
		231	7wG3KDf61P4aWkLlkP5pRUaUIQdVblxginmx2K3n8t/WP7QcfITa191rjEVVBXmk
		232
		233	ROsCAwEAAaNgMF4wHwYDVR0jBBgwFoAUs8Caohh1ZGP8kjSn3rtxJiJJ9IswHQYD
		234
		235	VR0OBBYEFCjwGwqD7FG9UCNm3wjFQX4HixzfMAwGA1UdEwEB/wQCMAAwDgYDVR0P
		236
		237	AQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQBgqI49a4PBQZYrFM63TX3EHgdd
		238
		239	N6Pj7AytjO+SrKNMCSo/OtIvhDTxOocr1vKrux1Tw5qmrllrIXLtlGtbmln5DS6a
		240
		241	DTCLrjwcIFIabLxpx5DPY1WSMYvL04SW7d4Y+3SxOFNRotDSiomr8eIIac0d3HE2
		242
		243	B5b0SnWZgWbrhjNUgvwo8l8tA9DOGIr2MeQ5kPjudOOiYSR3HC0v+jviBMV6VX8M
		244
		245	LHVH3CRshHDKBGpV1NZ1RAm9EY/oRGtSiMsyjRh6hegC0vehwVxaC4w9qG0ASkzz
		246
		247	42OOGfNqhYnYDiKTEIkazaoAFpTKDejWBaL7W5VpthUkQOl67IyX+ohuUKTo
		248
		249	~-~-~-~--END CERTIFICATE~-~-~-~--}
		250
		251	Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.
		252
		253	[[image:image-20240528174630-16.png\|\|height="553" width="747"]]
		254
		255	Display "Successfully configured client certificate." Configuration successful, otherwise configuration failed.
		256
		257
		258	(% data-sider-select-id="61ec994b-4a66-4db9-8b86-a401c99ba491" %)
		259	=== 4.2.3 Configure client private key ===
		260
		261
		262	Use the AT command AT+CLIKEY, as shown below
		263
		264	AT+CLIKEY=~-~-~-~--BEGIN RSA PRIVATE KEY~-~-~-~--
		265
		266	MIIEpAIBAAKCAQEAxN1zUZAtUGiEB4IkPqfpZMUAWvKBNyH3RrnBSvZuGVW4PG8S
		267
		268	EQo1ya7m84KjlqCZ8tZvZULGB7OC9A4FhDzWhOpck12Xi1LQMgJ+pv+iBUdYYdFq
		269
		270	jrtfKFs80FLSP+cI9MgiTr780F5g86Nob6m619cTtIYgRxzdF6+RiRQnHrL5Yfsw
		271
		272	uOPWa5+5cFVYgvVGt+shE/Dpq5WTt2FLmtQ29hwlrtB3qCkCHUPM+PtkQKu/t8Qg
		273
		274	gEMSxJg7LpOha3OoYhVwgAcEN85EHQdyb43vAbcoN/rU/hpaQuWQ/mlFRpQhB1Vu
		275
		276	XGCKebHYrefy39Y/tBx8hNrX3WuMRVUFeaRE6wIDAQABAoIBAFhAOcjvjBDGuaEw
		277
		278	CxV3al49HfqnSZuwg0xWSztSm2qKDcwxsnSnEhO2b1vsTW9h0YGV9Vv8gg/Dvkmv
		279
		280	23M7XqM4+IUraJsRZbl1etdcM4KQSCOZoF4Zyv+pXuq4pf31kQNCkHaikWzLUkUG
		281
		282	FPQxr0vA49mCYwfd/ZL3ppM/0IWmxRwloV1Gb9q8iDBUcJGSDokZnT7diUxzzOcd
		283
		284	+UJ6xUhFq1v46Y7vO+73XROLv34JEBC0bIw2ErL6+AbzhHwb2mkuSccG9Ks37g3Z
		285
		286	dyyjjj8hm1wvHWepuWqEssaiS3HD5zAsI0v85xS8RwNj3zLfd8o1WC666n3CO+ij
		287
		288	VdRmR4kCgYEA+/sEFxpfaRomqcLwJebZcZH06U1RfJFfnbH2/Q6fANf8zNxwWs9A
		289
		290	O+jyk/CLhHYRIk6VIOMQmWwEYgJ2eAHfw2Diwj4/0eqkGu+yZOS6KTCewxSV73vc
		291
		292	SvACramJy4y6yEgDN5onwR1XqfVMfA0LzTcSupHR/xvrpf/gCsNFPxUCgYEAyAFd
		293
		294	nMUhJFSq3pOogxA43aJSkA8YuDS3jpBkKQ6vx81APpIMabQauOxFDt488TZGP3Yy
		295
		296	lhpa/lfFIgu2K7CgV4dUp+JtJJoZ/F+ExxUUzdqB4zxzWywAcc3RebfwP6qASwFT
		297
		298	G3mXYci4tgNWR+k5CSsuLXDk/OT5uo5GeGAEc/8CgYEAk6V8uxDP8STKnNRFpN/E
		299
		300	b6CHciDE64m/DgbWY2cq0fK9BUjxaLRhvfj8EqVzCrWnyoNjLHcAJfW+B7PLuPvY
		301
		302	IoJlvE1/Vb/4UnQ7ApVnY3VCwaoRRNc9uIcz+pAJ1sRqOarAf9cLDkPkNwktvM5k
		303
		304	KOXpSnrhIms4w/bPT18l9xUCgYBsAMDKbXEuK0JyGw5+Z/4tQQCQpnZU0rLkm3ha
		305
		306	64FkxaORplBprEZZ4cyQ8NW78/EPSAadI/JLMp5TejuPcDvFyGCgoBcMEuNBc1tC
		307
		308	HlIzr3FAgl5Qt3wt+FTMA9YKq0nINxjn10s2FKwaLccj4f9YwiaXh0VAg22PnlDT
		309
		310	pBYDhQKBgQCMwyKXJ4zYiDRdvLvgKzeuKaU4KNQItHE4KORPfkecjPoENt4bKxDw
		311
		312	2EdNFQLIoqBHL1s+/8+SzhCI31V7pkTs1AqCxDExJS7+8Z5NQFQIo/jooUo0N80E
		313
		314	y3ZZS6OLOXXscEqhMogf1grfbabXM9OkgTIq43cPQHtMGQiFAtIJkg==
		315
		316	~-~-~-~--END RSA PRIVATE KEY~-~-~-~--}
		317
		318	Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.
		319
		320	[[image:image-20240528174702-17.png]]
		321
		322	Display "Successfully configured client private key." If the configuration is successful, otherwise it is considered configuration failure.
		323
		324
		325	(% data-sider-select-id="6ba3fbe9-394a-47e2-8eca-715449162645" %)
		326	=== 4.3.3 Re-upgrade the firmware ===
		327
		328
		329	After the certificate configuration is completed, Re-upgrade to the firmware you originally used.
		330
		331
		332	(% data-sider-select-id="d010cb3f-ad9a-4420-80d1-919b61731f41" %)
		333	= 5. Configure draginoNB-device =
		334
		335	(% data-sider-select-id="8125b1b7-0428-410e-a7c1-261a468944de" %)
		336	== 5.1 Configure the data format sent by the device ==
		337
		338
		339	AT+PRO=3,5(Data is in Json format of MQTT)
		340
		341
		342	(% data-sider-select-id="ba72cd93-5d23-47b8-8b69-2238e0b501ca" %)
		343	== 5.2 Set server address ==
		344
		345
		346	AT+SERVADDR=an5tk94sdgjat-ats.iot.us-east-1.amazonaws.com,8883
		347
		348
		349	(% data-sider-select-id="7da97212-7298-43eb-b178-94231a3eb5d8" %)
		350	== 5.3 Set up private and public topics ==
		351
		352
		353	AWS does not limit topics, so you can set any topic
		354
		355	AT+SUBTOPIC=Any
		356
		357	AT+PUBTOPIC=Any
		358
		359
		360	(% data-sider-select-id="a53f5c46-7530-440d-b29e-61a4eaafb709" %)
		361	== 5.4 Set the TLS mode ==
		362
		363
		364	AT+TLSMOD=1,2
		365
		366	To use the TLS mode certificate function, users need to configure the AT+TLSMOD command
		367
		368	AT+TLSMOD=1,0 No authentication
		369
		370	AT+TLSMOD=1,1 Perform server authentication
		371
		372	AT+TLSMOD=1,2 Perform server and client authentication if requested by the remote server.（In AWS we recommend using this mode）
		373
		374
		375	Restart the device
		376
		377
		378	(% data-sider-select-id="07128e51-24f8-40ff-b2a7-4a4de2346889" %)
		379	= 6. View data on AWS =
		380
		381	(% data-sider-select-id="6c108d6d-db3d-4542-8193-c4c33c88bc41" %)
		382	== 6.1 Find MQTT test client in test ==
		383
		384
		385	In the fourth step, fill in the topics you subscribed to before
		386
		387	AT+PUBTOPIC=XXXX
		388
		389	If you forget your previous topic, you can fill in #,subscribe to all topics
		390
		391	[[image:image-20240528175111-18.png\|\|height="409" width="1014"]]
		392
		393
		394	(% data-sider-select-id="9c23abff-6a4a-4320-95a2-33c42eb296f3" %)
		395	== (% data-sider-select-id="638ae5a9-ed23-43ff-bd61-b1c66e0d01d0" %)6.2 The data published information in Subscriptions(%%) ==
		396
		397
		398	[[image:image-20240528175133-19.png\|\|height="563" width="1022"]]
		399
		400	[[image:image-20240528175154-20.png\|\|height="752" width="1042"]]
		401
		402