Wiki source code of Dragino NB device connection to AWS platform instructions
Show last authors
| author | version | line-number | content |
|---|---|---|---|
| 1 | **Table of Contents: ** | ||
| 2 | |||
| 3 | {{toc/}} | ||
| 4 | |||
| 5 | |||
| 6 | |||
| 7 | |||
| 8 | |||
| 9 | |||
| 10 | |||
| 11 | |||
| 12 | |||
| 13 | |||
| 14 | = 1. Log in to the platform and find IoT core = | ||
| 15 | |||
| 16 | |||
| 17 | = 2. Create your own test policy = | ||
| 18 | |||
| 19 | == 2.1 First click the policy on the left, enter the page and click Create policy == | ||
| 20 | |||
| 21 | |||
| 22 | [[image:image-20240528172927-2.png||height="377" width="931"]] | ||
| 23 | |||
| 24 | |||
| 25 | == 2.2 After filling in a policy name for testing, the policy will be displayed on the page == | ||
| 26 | |||
| 27 | |||
| 28 | a. Fill in any name | ||
| 29 | |||
| 30 | b. Configure the policy you created | ||
| 31 | |||
| 32 | [[image:image-20240528173144-3.png||height="572" width="931"]] | ||
| 33 | |||
| 34 | |||
| 35 | c. After clicking to enter the policy configuration page, follow the clicking sequence below to go to the json configuration interface, and then fill in the following fields in the "statement" keyword: | ||
| 36 | |||
| 37 | (% data-sider-select-id="7bc0f6db-481d-435a-ad0c-92cf0ede3ea4" %) | ||
| 38 | (% data-sider-select-id="8026a4d9-df91-4895-b9c5-3d6ac9b46012" %)**{** | ||
| 39 | |||
| 40 | **~ "Version": "2012-10-17",** | ||
| 41 | |||
| 42 | **~ "Statement": [** | ||
| 43 | |||
| 44 | **~ {** | ||
| 45 | |||
| 46 | **~ "Effect": "Allow",** | ||
| 47 | |||
| 48 | **~ "Action": "",** | ||
| 49 | |||
| 50 | **~ "Resource": ""** | ||
| 51 | |||
| 52 | **~ }** | ||
| 53 | |||
| 54 | **~ ]** | ||
| 55 | |||
| 56 | **}** | ||
| 57 | |||
| 58 | |||
| 59 | [[image:image-20240528173203-4.png||height="517" width="942"]] | ||
| 60 | |||
| 61 | |||
| 62 | d. Create this policy | ||
| 63 | |||
| 64 | |||
| 65 | = 3. Create a Things = | ||
| 66 | |||
| 67 | == 3.1 Create a single Things == | ||
| 68 | |||
| 69 | |||
| 70 | (% style="color:blue" %)**1. Select Create Things** | ||
| 71 | |||
| 72 | [[image:image-20240528173244-5.png||height="329" width="932"]] | ||
| 73 | |||
| 74 | [[image:image-20240528173500-6.png||height="484" width="928"]] | ||
| 75 | |||
| 76 | |||
| 77 | (% style="color:blue" %)**2. Fill in the name of the control item you want to create in the thing name column** | ||
| 78 | |||
| 79 | Use the default for other parameters | ||
| 80 | |||
| 81 | Then click Next. | ||
| 82 | |||
| 83 | [[image:image-20240528173754-7.png||height="712" width="781"]] | ||
| 84 | |||
| 85 | |||
| 86 | (% style="color:blue" %)**3. Choose to automatically generate a new certificate** | ||
| 87 | |||
| 88 | Then click Next | ||
| 89 | |||
| 90 | [[image:image-20240528173829-8.png||height="547" width="782"]] | ||
| 91 | |||
| 92 | |||
| 93 | (% style="color:blue" %)**4. The next step is to choose a strategy** | ||
| 94 | |||
| 95 | Here you can choose a policy we created in the first step | ||
| 96 | |||
| 97 | [[image:image-20240528173851-9.png||height="580" width="785"]] | ||
| 98 | |||
| 99 | |||
| 100 | (% style="color:blue" %)**5. When you click to create things, the certificate download page will pop up** | ||
| 101 | |||
| 102 | (% data-sider-select-id="398c8d35-75ff-4077-85bb-9e0377efa186" %) | ||
| 103 | (% data-sider-select-id="087aa6c7-c542-4afc-9ce6-291538c31764" %)**This certificate is very important.**(%%) After creating the device, you must download the certificate of the device so that our NB device can connect normally. | ||
| 104 | |||
| 105 | Please download all the following certificates and put them in a folder. | ||
| 106 | |||
| 107 | [[image:image-20240528173926-10.png]] | ||
| 108 | |||
| 109 | |||
| 110 | (% style="color:blue" %)**6. You can see the things you just created in the things** | ||
| 111 | |||
| 112 | [[image:image-20240528173951-11.png||height="381" width="1089"]] | ||
| 113 | |||
| 114 | |||
| 115 | = 4. Connect to AWS using Dragino-NB device = | ||
| 116 | |||
| 117 | == 4.1 Upgrade the firmware to configure TTS firmware to set the certificate == | ||
| 118 | |||
| 119 | |||
| 120 | User can change device firmware to:: | ||
| 121 | |||
| 122 | * Update with new features. | ||
| 123 | |||
| 124 | * Fix bugs. | ||
| 125 | |||
| 126 | Firmware and changelog can be downloaded from : **[[Set up TLS certificate - Dropbox>>url:https://www.dropbox.com/sh/sxrgszkac4ips0q/AAA7xVIHen982Nc0edNPaB-Wa/NB-IoT/Set%20up%20TLS%20certificate?dl=0&subfolder_nav_tracking=1||data-sider-select-id="830d1b64-cb24-48b3-91e4-49da5c3f0783"]]** | ||
| 127 | |||
| 128 | Methods to Update Firmware: | ||
| 129 | |||
| 130 | * (Recommended way) OTA firmware update via BLE: [[**Instruction**>>url:http://wiki.dragino.com/xwiki/bin/view/Main/BLE_Firmware_Update_NB_Sensors_BC660K-GL/]]. | ||
| 131 | |||
| 132 | * Update through UART TTL interface : **[[Instruction>>url:http://wiki.dragino.com/xwiki/bin/view/Main/UART_Access_for_NB_ST_BC660K-GL/#H4.2UpdateFirmware28Assumethedevicealreadyhaveabootloader29]]**. | ||
| 133 | |||
| 134 | |||
| 135 | |||
| 136 | == 4.2 Configure certificate == | ||
| 137 | |||
| 138 | |||
| 139 | After upgrade the firmware, the serial port displays as follows: | ||
| 140 | |||
| 141 | (% data-sider-select-id="8b6a9e23-dec0-476c-acd4-098aa19fe1f3" %) | ||
| 142 | [[image:image-20240528174330-13.png||height="286" width="568"]] | ||
| 143 | |||
| 144 | |||
| 145 | === 4.2.1 Configure CA certificate === | ||
| 146 | |||
| 147 | |||
| 148 | Please input the certificate in PEM format for the user. | ||
| 149 | |||
| 150 | Use the AT command AT+CACERT as follows: | ||
| 151 | |||
| 152 | AT+CACERT=~-~-~-~--BEGIN CERTIFICATE~-~-~-~-- | ||
| 153 | |||
| 154 | MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF | ||
| 155 | |||
| 156 | ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 | ||
| 157 | |||
| 158 | b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL | ||
| 159 | |||
| 160 | MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv | ||
| 161 | |||
| 162 | b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj | ||
| 163 | |||
| 164 | ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM | ||
| 165 | |||
| 166 | 9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw | ||
| 167 | |||
| 168 | IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6 | ||
| 169 | |||
| 170 | VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L | ||
| 171 | |||
| 172 | 93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm | ||
| 173 | |||
| 174 | jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC | ||
| 175 | |||
| 176 | AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA | ||
| 177 | |||
| 178 | A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI | ||
| 179 | |||
| 180 | U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs | ||
| 181 | |||
| 182 | N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv | ||
| 183 | |||
| 184 | o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU | ||
| 185 | |||
| 186 | 5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy | ||
| 187 | |||
| 188 | rqXRfboQnoZsG4q5WTP468SQvvG5 | ||
| 189 | |||
| 190 | ~-~-~-~--END CERTIFICATE~-~-~-~--} | ||
| 191 | |||
| 192 | (% style="color:red" %)**Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.** | ||
| 193 | |||
| 194 | [[image:image-20240528174408-14.png]] | ||
| 195 | |||
| 196 | |||
| 197 | After successful execution, as shown in the following figure. | ||
| 198 | |||
| 199 | [[image:image-20240528174502-15.png]] | ||
| 200 | |||
| 201 | Display (% style="color:blue" %)**"Successfully configured CA certificate."**(%%) If the configuration is successful, otherwise it is considered configuration failure. | ||
| 202 | |||
| 203 | |||
| 204 | === 4.2.2 Configure client certificate === | ||
| 205 | |||
| 206 | |||
| 207 | Use the AT command AT+CLICERT as follows: | ||
| 208 | |||
| 209 | AT+CLICERT=~-~-~-~--BEGIN CERTIFICATE~-~-~-~-- | ||
| 210 | |||
| 211 | MIIDWTCCAkGgAwIBAgIUYSpJUzfb4NTa76JJxd2th0fZA8swDQYJKoZIhvcNAQEL | ||
| 212 | |||
| 213 | BQAwTTFLMEkGA1UECwxCQW1hem9uIFdlYiBTZXJ2aWNlcyBPPUFtYXpvbi5jb20g | ||
| 214 | |||
| 215 | SW5jLiBMPVNlYXR0bGUgU1Q9V2FzaGluZ3RvbiBDPVVTMB4XDTI0MDUyNDA4MDI0 | ||
| 216 | |||
| 217 | NVoXDTQ5MTIzMTIzNTk1OVowHjEcMBoGA1UEAwwTQVdTIElvVCBDZXJ0aWZpY2F0 | ||
| 218 | |||
| 219 | ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMTdc1GQLVBohAeCJD6n | ||
| 220 | |||
| 221 | 6WTFAFrygTch90a5wUr2bhlVuDxvEhEKNcmu5vOCo5agmfLWb2VCxgezgvQOBYQ8 | ||
| 222 | |||
| 223 | 1oTqXJNdl4tS0DICfqb/ogVHWGHRao67XyhbPNBS0j/nCPTIIk6+/NBeYPOjaG+p | ||
| 224 | |||
| 225 | utfXE7SGIEcc3RevkYkUJx6y+WH7MLjj1mufuXBVWIL1RrfrIRPw6auVk7dhS5rU | ||
| 226 | |||
| 227 | NvYcJa7Qd6gpAh1DzPj7ZECrv7fEIIBDEsSYOy6ToWtzqGIVcIAHBDfORB0Hcm+N | ||
| 228 | |||
| 229 | 7wG3KDf61P4aWkLlkP5pRUaUIQdVblxginmx2K3n8t/WP7QcfITa191rjEVVBXmk | ||
| 230 | |||
| 231 | ROsCAwEAAaNgMF4wHwYDVR0jBBgwFoAUs8Caohh1ZGP8kjSn3rtxJiJJ9IswHQYD | ||
| 232 | |||
| 233 | VR0OBBYEFCjwGwqD7FG9UCNm3wjFQX4HixzfMAwGA1UdEwEB/wQCMAAwDgYDVR0P | ||
| 234 | |||
| 235 | AQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQBgqI49a4PBQZYrFM63TX3EHgdd | ||
| 236 | |||
| 237 | N6Pj7AytjO+SrKNMCSo/OtIvhDTxOocr1vKrux1Tw5qmrllrIXLtlGtbmln5DS6a | ||
| 238 | |||
| 239 | DTCLrjwcIFIabLxpx5DPY1WSMYvL04SW7d4Y+3SxOFNRotDSiomr8eIIac0d3HE2 | ||
| 240 | |||
| 241 | B5b0SnWZgWbrhjNUgvwo8l8tA9DOGIr2MeQ5kPjudOOiYSR3HC0v+jviBMV6VX8M | ||
| 242 | |||
| 243 | LHVH3CRshHDKBGpV1NZ1RAm9EY/oRGtSiMsyjRh6hegC0vehwVxaC4w9qG0ASkzz | ||
| 244 | |||
| 245 | 42OOGfNqhYnYDiKTEIkazaoAFpTKDejWBaL7W5VpthUkQOl67IyX+ohuUKTo | ||
| 246 | |||
| 247 | ~-~-~-~--END CERTIFICATE~-~-~-~--} | ||
| 248 | |||
| 249 | (% style="color:red" %)**Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.** | ||
| 250 | |||
| 251 | [[image:image-20240528174630-16.png||height="553" width="747"]] | ||
| 252 | |||
| 253 | Display (% style="color:blue" %)**"Successfully configured client certificate."**(%%) Configuration successful, otherwise configuration failed. | ||
| 254 | |||
| 255 | |||
| 256 | === 4.2.3 Configure client private key === | ||
| 257 | |||
| 258 | |||
| 259 | Use the AT command AT+CLIKEY, as shown below | ||
| 260 | |||
| 261 | AT+CLIKEY=~-~-~-~--BEGIN RSA PRIVATE KEY~-~-~-~-- | ||
| 262 | |||
| 263 | MIIEpAIBAAKCAQEAxN1zUZAtUGiEB4IkPqfpZMUAWvKBNyH3RrnBSvZuGVW4PG8S | ||
| 264 | |||
| 265 | EQo1ya7m84KjlqCZ8tZvZULGB7OC9A4FhDzWhOpck12Xi1LQMgJ+pv+iBUdYYdFq | ||
| 266 | |||
| 267 | jrtfKFs80FLSP+cI9MgiTr780F5g86Nob6m619cTtIYgRxzdF6+RiRQnHrL5Yfsw | ||
| 268 | |||
| 269 | uOPWa5+5cFVYgvVGt+shE/Dpq5WTt2FLmtQ29hwlrtB3qCkCHUPM+PtkQKu/t8Qg | ||
| 270 | |||
| 271 | gEMSxJg7LpOha3OoYhVwgAcEN85EHQdyb43vAbcoN/rU/hpaQuWQ/mlFRpQhB1Vu | ||
| 272 | |||
| 273 | XGCKebHYrefy39Y/tBx8hNrX3WuMRVUFeaRE6wIDAQABAoIBAFhAOcjvjBDGuaEw | ||
| 274 | |||
| 275 | CxV3al49HfqnSZuwg0xWSztSm2qKDcwxsnSnEhO2b1vsTW9h0YGV9Vv8gg/Dvkmv | ||
| 276 | |||
| 277 | 23M7XqM4+IUraJsRZbl1etdcM4KQSCOZoF4Zyv+pXuq4pf31kQNCkHaikWzLUkUG | ||
| 278 | |||
| 279 | FPQxr0vA49mCYwfd/ZL3ppM/0IWmxRwloV1Gb9q8iDBUcJGSDokZnT7diUxzzOcd | ||
| 280 | |||
| 281 | +UJ6xUhFq1v46Y7vO+73XROLv34JEBC0bIw2ErL6+AbzhHwb2mkuSccG9Ks37g3Z | ||
| 282 | |||
| 283 | dyyjjj8hm1wvHWepuWqEssaiS3HD5zAsI0v85xS8RwNj3zLfd8o1WC666n3CO+ij | ||
| 284 | |||
| 285 | VdRmR4kCgYEA+/sEFxpfaRomqcLwJebZcZH06U1RfJFfnbH2/Q6fANf8zNxwWs9A | ||
| 286 | |||
| 287 | O+jyk/CLhHYRIk6VIOMQmWwEYgJ2eAHfw2Diwj4/0eqkGu+yZOS6KTCewxSV73vc | ||
| 288 | |||
| 289 | SvACramJy4y6yEgDN5onwR1XqfVMfA0LzTcSupHR/xvrpf/gCsNFPxUCgYEAyAFd | ||
| 290 | |||
| 291 | nMUhJFSq3pOogxA43aJSkA8YuDS3jpBkKQ6vx81APpIMabQauOxFDt488TZGP3Yy | ||
| 292 | |||
| 293 | lhpa/lfFIgu2K7CgV4dUp+JtJJoZ/F+ExxUUzdqB4zxzWywAcc3RebfwP6qASwFT | ||
| 294 | |||
| 295 | G3mXYci4tgNWR+k5CSsuLXDk/OT5uo5GeGAEc/8CgYEAk6V8uxDP8STKnNRFpN/E | ||
| 296 | |||
| 297 | b6CHciDE64m/DgbWY2cq0fK9BUjxaLRhvfj8EqVzCrWnyoNjLHcAJfW+B7PLuPvY | ||
| 298 | |||
| 299 | IoJlvE1/Vb/4UnQ7ApVnY3VCwaoRRNc9uIcz+pAJ1sRqOarAf9cLDkPkNwktvM5k | ||
| 300 | |||
| 301 | KOXpSnrhIms4w/bPT18l9xUCgYBsAMDKbXEuK0JyGw5+Z/4tQQCQpnZU0rLkm3ha | ||
| 302 | |||
| 303 | 64FkxaORplBprEZZ4cyQ8NW78/EPSAadI/JLMp5TejuPcDvFyGCgoBcMEuNBc1tC | ||
| 304 | |||
| 305 | HlIzr3FAgl5Qt3wt+FTMA9YKq0nINxjn10s2FKwaLccj4f9YwiaXh0VAg22PnlDT | ||
| 306 | |||
| 307 | pBYDhQKBgQCMwyKXJ4zYiDRdvLvgKzeuKaU4KNQItHE4KORPfkecjPoENt4bKxDw | ||
| 308 | |||
| 309 | 2EdNFQLIoqBHL1s+/8+SzhCI31V7pkTs1AqCxDExJS7+8Z5NQFQIo/jooUo0N80E | ||
| 310 | |||
| 311 | y3ZZS6OLOXXscEqhMogf1grfbabXM9OkgTIq43cPQHtMGQiFAtIJkg== | ||
| 312 | |||
| 313 | ~-~-~-~--END RSA PRIVATE KEY~-~-~-~--} | ||
| 314 | |||
| 315 | (% style="color:red" %)**Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.** | ||
| 316 | |||
| 317 | [[image:image-20240528174702-17.png]] | ||
| 318 | |||
| 319 | Display(% style="color:blue" %)** "Successfully configured client private key."**(%%) If the configuration is successful, otherwise it is considered configuration failure. | ||
| 320 | |||
| 321 | |||
| 322 | === 4.3.3 Re-upgrade the firmware === | ||
| 323 | |||
| 324 | |||
| 325 | After the certificate configuration is completed, Re-upgrade to the firmware you originally used. | ||
| 326 | |||
| 327 | |||
| 328 | = 5. Configure draginoNB-device = | ||
| 329 | |||
| 330 | == 5.1 Configure the data format sent by the device == | ||
| 331 | |||
| 332 | |||
| 333 | (% style="color:blue" %)**AT+PRO=3,5**(%%) (Data is in Json format of MQTT) | ||
| 334 | |||
| 335 | |||
| 336 | == 5.2 Set server address == | ||
| 337 | |||
| 338 | |||
| 339 | (% style="color:blue" %)**AT+SERVADDR=an5tk94sdgjat-ats.iot.us-east-1.amazonaws.com,8883** | ||
| 340 | |||
| 341 | |||
| 342 | == 5.3 Set up private and public topics == | ||
| 343 | |||
| 344 | |||
| 345 | AWS does not limit topics, so you can set any topic | ||
| 346 | |||
| 347 | (% style="color:blue" %)**AT+SUBTOPIC=Any** | ||
| 348 | |||
| 349 | (% style="color:blue" %)**AT+PUBTOPIC=Any** | ||
| 350 | |||
| 351 | |||
| 352 | == 5.4 Set the TLS mode == | ||
| 353 | |||
| 354 | |||
| 355 | (% style="color:blue" %)**AT+TLSMOD=1,2** | ||
| 356 | |||
| 357 | To use the TLS mode certificate function, users need to configure the (% style="color:blue" %)**AT+TLSMOD**(%%) command. | ||
| 358 | |||
| 359 | (% style="color:blue" %)**AT+TLSMOD=1,0** (%%) ~/~/ No authentication | ||
| 360 | |||
| 361 | (% style="color:blue" %)**AT+TLSMOD=1,1** (%%) ~/~/ Perform server authentication | ||
| 362 | |||
| 363 | (% style="color:blue" %)**AT+TLSMOD=1,2** (%%) ~/~/ Perform server and client authentication if requested by the remote server.(In AWS we recommend using this mode) | ||
| 364 | |||
| 365 | |||
| 366 | Restart the device | ||
| 367 | |||
| 368 | |||
| 369 | = 6. View data on AWS = | ||
| 370 | |||
| 371 | == 6.1 Find MQTT test client in test == | ||
| 372 | |||
| 373 | |||
| 374 | In the fourth step, fill in the topics you subscribed to before | ||
| 375 | |||
| 376 | (% style="color:blue" %)**AT+PUBTOPIC=XXXX** | ||
| 377 | |||
| 378 | If you forget your previous topic, you can fill in #,subscribe to all topics | ||
| 379 | |||
| 380 | [[image:image-20240528175111-18.png||height="409" width="1014"]] | ||
| 381 | |||
| 382 | |||
| 383 | == 6.2 The data published information in Subscriptions == | ||
| 384 | |||
| 385 | |||
| 386 | [[image:image-20240528175133-19.png||height="563" width="1022"]] | ||
| 387 | |||
| 388 | [[image:image-20240528175154-20.png||height="752" width="1042"]] | ||
| 389 | |||
| 390 |