Wiki source code of Dragino -NB/-CB device connection to AWS platform instructions

Version 49.5 by Mengting Qiu on 2025/07/29 14:00

version	line-number	content
23.7	1	Table of Contents:
	2
1.1	3	{{toc/}}
	4
	5
23.7	6
	7
	8
	9
	10
	11
	12
	13
23.6	14	= 1. Log in to the platform and find IoT core =
1.1	15
23.2	16
23.6	17	= 2. Create your own test policy =
1.1	18
23.6	19	== 2.1 First click the policy on the left, enter the page and click Create policy ==
1.1	20
23.7	21
23.3	22	[[image:image-20240528172927-2.png\|\|height="377" width="931"]]
1.1	23
	24
23.6	25	== 2.2 After filling in a policy name for testing, the policy will be displayed on the page ==
23.2	26
	27
1.2	28	a. Fill in any name
1.1	29
	30
35.1	31	b. Fill in * to Policy action and Policy resource (* stands for all)
1.1	32
35.1	33	[[image:image-20250103152135-2.png\|\|height="777" width="1544"]]
22.1	34
35.1	35
1.2	36	c. After clicking to enter the policy configuration page, follow the clicking sequence below to go to the json configuration interface, and then fill in the following fields in the "statement" keyword:
1.1	37
	38
35.1	39	**{
	40	"Version": "2012-10-17",
	41	"Statement": [
	42	{
	43	"Effect": "Allow",
	44	"Action": "iot:*",
	45	"Resource": "*"
	46	}
	47	]
	48	}**
24.6	49
1.1	50
	51
35.1	52	[[image:image-20250103151957-1.png\|\|height="529" width="935"]]
1.2	53
	54	d. Create this policy
	55
	56
22.1	57	= 3. Create a Things =
1.2	58
22.1	59	== 3.1 Create a single Things ==
1.2	60
23.2	61
23.7	62	(% style="color:blue" %)1. Select Create Things
1.2	63
22.1	64	[[image:image-20240528173244-5.png\|\|height="329" width="932"]]
1.2	65
22.1	66	[[image:image-20240528173500-6.png\|\|height="484" width="928"]]
1.2	67
	68
23.7	69	(% style="color:blue" %)2. Fill in the name of the control item you want to create in the thing name column
1.2	70
	71	Use the default for other parameters
	72
	73	Then click Next.
	74
22.1	75	[[image:image-20240528173754-7.png\|\|height="712" width="781"]]
1.2	76
	77
23.7	78	(% style="color:blue" %)3. Choose to automatically generate a new certificate
22.1	79
1.2	80	Then click Next
	81
22.1	82	[[image:image-20240528173829-8.png\|\|height="547" width="782"]]
1.2	83
	84
23.7	85	(% style="color:blue" %)4. The next step is to choose a strategy
22.1	86
1.2	87	Here you can choose a policy we created in the first step
	88
22.1	89	[[image:image-20240528173851-9.png\|\|height="580" width="785"]]
1.2	90
	91
23.7	92	(% style="color:blue" %)5. When you click to create things, the certificate download page will pop up
22.1	93
1.2	94
24.7	95	This certificate is very important. After creating the device, you must download the certificate of the device so that our NB device can connect normally.
24.6	96
1.2	97	Please download all the following certificates and put them in a folder.
	98
22.1	99	[[image:image-20240528173926-10.png]]
1.2	100
	101
23.7	102	(% style="color:blue" %)6. You can see the things you just created in the things
1.2	103
22.1	104	[[image:image-20240528173951-11.png\|\|height="381" width="1089"]]
1.2	105
	106
23.7	107	= 4. Connect to AWS using Dragino-NB device =
1.2	108
28.1	109
29.1	110	(% id="cke_bm_37736S" style="color:red; display:none" %) (% style="color:red" %)Note: (%%)In order to avoid problems with certificate writing, you need to set the serial port assistant to automatically add a newline character when sending commands, if there is no such newline character, the certificate written will be invalid.(Using the serial port assistant as an example)
28.1	111
31.1	112	[[image:image-20240822090554-1.png\|\|height="501" width="656"]]
28.1	113
29.1	114
24.6	115	== 4.1 For -NB /-NS model ==
1.2	116
36.1	117	=== 4.1.1 Upgrade the firmware to configure TLS firmware to set the certificate ===
23.2	118
24.2	119
23.1	120	User can change device firmware to::
1.2	121
23.1	122	* Update with new features.
22.1	123
23.1	124	* Fix bugs.
22.1	125
24.2	126	Firmware and changelog can be downloaded from : [[Set up TLS certificate - Dropbox>>https://www.dropbox.com/scl/fo/1ykfsesmr3702tj3kp663/AOOyH1GiVEOGR41gASuiDk0?rlkey=1q7a1b5yvjgt87d16w8tt0cum&st=vdy765ut&dl=0\|\|data-sider-select-id="830d1b64-cb24-48b3-91e4-49da5c3f0783"]]
23.1	127
	128	Methods to Update Firmware:
	129
	130	* (Recommended way) OTA firmware update via BLE: [[Instruction>>url:http://wiki.dragino.com/xwiki/bin/view/Main/BLE_Firmware_Update_NB_Sensors_BC660K-GL/]].
	131
	132	* Update through UART TTL interface : [[Instruction>>url:http://wiki.dragino.com/xwiki/bin/view/Main/UART_Access_for_NB_ST_BC660K-GL/#H4.2UpdateFirmware28Assumethedevicealreadyhaveabootloader29]].
	133
24.6	134	=== 4.1.2 Configure certificate ===
23.2	135
22.1	136
1.2	137	After upgrade the firmware, the serial port displays as follows：
	138
38.1	139	[[image:image-20250306113602-1.png\|\|height="401" width="856"]]
1.2	140
23.2	141
24.6	142	==== 4.1.2.1 Configure CA certificate ====
1.2	143
23.2	144
1.2	145	Please input the certificate in PEM format for the user.
	146
	147	Use the AT command AT+CACERT as follows:
	148
	149	AT+CACERT=~-~-~-~--BEGIN CERTIFICATE~-~-~-~--
	150
	151	MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF
	152
	153	ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
	154
	155	b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL
	156
	157	MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv
	158
	159	b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj
	160
	161	ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM
	162
	163	9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw
	164
	165	IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6
	166
	167	VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L
	168
	169	93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm
	170
	171	jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
	172
	173	AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA
	174
	175	A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI
	176
	177	U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs
	178
	179	N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv
	180
	181	o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU
	182
	183	5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy
	184
	185	rqXRfboQnoZsG4q5WTP468SQvvG5
	186
	187	~-~-~-~--END CERTIFICATE~-~-~-~--}
	188
23.4	189	(% style="color:red" %)Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.
1.2	190
22.1	191	[[image:image-20240528174408-14.png]]
1.2	192
	193
	194	After successful execution, as shown in the following figure.
	195
41.1	196	[[image:image-20250306113849-2.png\|\|height="742" width="456"]]
1.2	197
23.4	198	Display (% style="color:blue" %)"Successfully configured CA certificate."(%%) If the configuration is successful, otherwise it is considered configuration failure.
1.2	199
23.2	200
24.6	201	==== 4.1.2.2 Configure client certificate ====
1.2	202
23.2	203
1.2	204	Use the AT command AT+CLICERT as follows：
	205
	206	AT+CLICERT=~-~-~-~--BEGIN CERTIFICATE~-~-~-~--
	207
	208	MIIDWTCCAkGgAwIBAgIUYSpJUzfb4NTa76JJxd2th0fZA8swDQYJKoZIhvcNAQEL
	209
	210	BQAwTTFLMEkGA1UECwxCQW1hem9uIFdlYiBTZXJ2aWNlcyBPPUFtYXpvbi5jb20g
	211
	212	SW5jLiBMPVNlYXR0bGUgU1Q9V2FzaGluZ3RvbiBDPVVTMB4XDTI0MDUyNDA4MDI0
	213
	214	NVoXDTQ5MTIzMTIzNTk1OVowHjEcMBoGA1UEAwwTQVdTIElvVCBDZXJ0aWZpY2F0
	215
	216	ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMTdc1GQLVBohAeCJD6n
	217
	218	6WTFAFrygTch90a5wUr2bhlVuDxvEhEKNcmu5vOCo5agmfLWb2VCxgezgvQOBYQ8
	219
	220	1oTqXJNdl4tS0DICfqb/ogVHWGHRao67XyhbPNBS0j/nCPTIIk6+/NBeYPOjaG+p
	221
	222	utfXE7SGIEcc3RevkYkUJx6y+WH7MLjj1mufuXBVWIL1RrfrIRPw6auVk7dhS5rU
	223
	224	NvYcJa7Qd6gpAh1DzPj7ZECrv7fEIIBDEsSYOy6ToWtzqGIVcIAHBDfORB0Hcm+N
	225
	226	7wG3KDf61P4aWkLlkP5pRUaUIQdVblxginmx2K3n8t/WP7QcfITa191rjEVVBXmk
	227
	228	ROsCAwEAAaNgMF4wHwYDVR0jBBgwFoAUs8Caohh1ZGP8kjSn3rtxJiJJ9IswHQYD
	229
	230	VR0OBBYEFCjwGwqD7FG9UCNm3wjFQX4HixzfMAwGA1UdEwEB/wQCMAAwDgYDVR0P
	231
	232	AQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQBgqI49a4PBQZYrFM63TX3EHgdd
	233
	234	N6Pj7AytjO+SrKNMCSo/OtIvhDTxOocr1vKrux1Tw5qmrllrIXLtlGtbmln5DS6a
	235
	236	DTCLrjwcIFIabLxpx5DPY1WSMYvL04SW7d4Y+3SxOFNRotDSiomr8eIIac0d3HE2
	237
	238	B5b0SnWZgWbrhjNUgvwo8l8tA9DOGIr2MeQ5kPjudOOiYSR3HC0v+jviBMV6VX8M
	239
	240	LHVH3CRshHDKBGpV1NZ1RAm9EY/oRGtSiMsyjRh6hegC0vehwVxaC4w9qG0ASkzz
	241
	242	42OOGfNqhYnYDiKTEIkazaoAFpTKDejWBaL7W5VpthUkQOl67IyX+ohuUKTo
	243
	244	~-~-~-~--END CERTIFICATE~-~-~-~--}
	245
23.4	246	(% style="color:red" %)Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.
1.2	247
22.1	248	[[image:image-20240528174630-16.png\|\|height="553" width="747"]]
1.2	249
23.4	250	Display (% style="color:blue" %)"Successfully configured client certificate."(%%) Configuration successful, otherwise configuration failed.
1.2	251
23.2	252
24.6	253	==== 4.1.2.3 Configure client private key ====
1.2	254
23.2	255
1.2	256	Use the AT command AT+CLIKEY, as shown below
	257
	258	AT+CLIKEY=~-~-~-~--BEGIN RSA PRIVATE KEY~-~-~-~--
	259
	260	MIIEpAIBAAKCAQEAxN1zUZAtUGiEB4IkPqfpZMUAWvKBNyH3RrnBSvZuGVW4PG8S
	261
	262	EQo1ya7m84KjlqCZ8tZvZULGB7OC9A4FhDzWhOpck12Xi1LQMgJ+pv+iBUdYYdFq
	263
	264	jrtfKFs80FLSP+cI9MgiTr780F5g86Nob6m619cTtIYgRxzdF6+RiRQnHrL5Yfsw
	265
	266	uOPWa5+5cFVYgvVGt+shE/Dpq5WTt2FLmtQ29hwlrtB3qCkCHUPM+PtkQKu/t8Qg
	267
	268	gEMSxJg7LpOha3OoYhVwgAcEN85EHQdyb43vAbcoN/rU/hpaQuWQ/mlFRpQhB1Vu
	269
	270	XGCKebHYrefy39Y/tBx8hNrX3WuMRVUFeaRE6wIDAQABAoIBAFhAOcjvjBDGuaEw
	271
	272	CxV3al49HfqnSZuwg0xWSztSm2qKDcwxsnSnEhO2b1vsTW9h0YGV9Vv8gg/Dvkmv
	273
	274	23M7XqM4+IUraJsRZbl1etdcM4KQSCOZoF4Zyv+pXuq4pf31kQNCkHaikWzLUkUG
	275
	276	FPQxr0vA49mCYwfd/ZL3ppM/0IWmxRwloV1Gb9q8iDBUcJGSDokZnT7diUxzzOcd
	277
	278	+UJ6xUhFq1v46Y7vO+73XROLv34JEBC0bIw2ErL6+AbzhHwb2mkuSccG9Ks37g3Z
	279
	280	dyyjjj8hm1wvHWepuWqEssaiS3HD5zAsI0v85xS8RwNj3zLfd8o1WC666n3CO+ij
	281
	282	VdRmR4kCgYEA+/sEFxpfaRomqcLwJebZcZH06U1RfJFfnbH2/Q6fANf8zNxwWs9A
	283
	284	O+jyk/CLhHYRIk6VIOMQmWwEYgJ2eAHfw2Diwj4/0eqkGu+yZOS6KTCewxSV73vc
	285
	286	SvACramJy4y6yEgDN5onwR1XqfVMfA0LzTcSupHR/xvrpf/gCsNFPxUCgYEAyAFd
	287
	288	nMUhJFSq3pOogxA43aJSkA8YuDS3jpBkKQ6vx81APpIMabQauOxFDt488TZGP3Yy
	289
	290	lhpa/lfFIgu2K7CgV4dUp+JtJJoZ/F+ExxUUzdqB4zxzWywAcc3RebfwP6qASwFT
	291
	292	G3mXYci4tgNWR+k5CSsuLXDk/OT5uo5GeGAEc/8CgYEAk6V8uxDP8STKnNRFpN/E
	293
	294	b6CHciDE64m/DgbWY2cq0fK9BUjxaLRhvfj8EqVzCrWnyoNjLHcAJfW+B7PLuPvY
	295
	296	IoJlvE1/Vb/4UnQ7ApVnY3VCwaoRRNc9uIcz+pAJ1sRqOarAf9cLDkPkNwktvM5k
	297
	298	KOXpSnrhIms4w/bPT18l9xUCgYBsAMDKbXEuK0JyGw5+Z/4tQQCQpnZU0rLkm3ha
	299
	300	64FkxaORplBprEZZ4cyQ8NW78/EPSAadI/JLMp5TejuPcDvFyGCgoBcMEuNBc1tC
	301
	302	HlIzr3FAgl5Qt3wt+FTMA9YKq0nINxjn10s2FKwaLccj4f9YwiaXh0VAg22PnlDT
	303
	304	pBYDhQKBgQCMwyKXJ4zYiDRdvLvgKzeuKaU4KNQItHE4KORPfkecjPoENt4bKxDw
	305
	306	2EdNFQLIoqBHL1s+/8+SzhCI31V7pkTs1AqCxDExJS7+8Z5NQFQIo/jooUo0N80E
	307
	308	y3ZZS6OLOXXscEqhMogf1grfbabXM9OkgTIq43cPQHtMGQiFAtIJkg==
	309
	310	~-~-~-~--END RSA PRIVATE KEY~-~-~-~--}
	311
23.4	312	(% style="color:red" %)Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.
1.2	313
22.1	314	[[image:image-20240528174702-17.png]]
1.2	315
23.7	316	Display(% style="color:blue" %) "Successfully configured client private key."(%%) If the configuration is successful, otherwise it is considered configuration failure.
1.2	317
23.2	318
24.6	319	==== 4.1.2.4 Re-upgrade the firmware ====
1.2	320
	321
32.1	322	After completing the certificate configuration, Burn the [[bootloader>>https://www.dropbox.com/sh/u0uzvvnn58yrie4/AAAvvF_KRveNgmDejzp23ziLa/NB-IoT/Bootloader?dl=0&subfolder_nav_tracking=1]] firmware first, then re-burn the original working [[firmware>>https://www.dropbox.com/sh/u0uzvvnn58yrie4/AACREHllkTe0rATD4ZOqddyga/NB-IoT?dl=0]].
23.2	323
	324
49.2	325	==== 4.1.2.5 Overwriting Certificates on -NB/-NS Models ====
48.2	326
	327
49.2	328	The -NB/-NS modules (BC660K) do not support clearing certificates via AT commands or firmware updates.
48.2	329
49.2	330	To effectively "clear" existing certificates, users may overwrite them with arbitrary data by following these steps:
	331
49.3	332	1. Overwrite Certificates:
49.2	333
49.4	334	Use the standard AT commands (AT+CACERT, AT+CLICERT, AT+CLIKEY) to write non-certificate data (e.g., random strings like 123456).
	335	Example:
49.2	336
49.5	337	AT+CACERT=123456}
49.2	338
49.5	339	AT+CLICERT=123456}
49.3	340
49.5	341	AT+CLIKEY=123456}
	342
	343
	344
24.2	345	== 4.2 For -CB /-CS model ==
1.2	346
36.1	347	=== 4.2.1 Upgrade the firmware to configure TLS firmware to set the certificate ===
24.2	348
	349
	350	User can change device firmware to::
	351
	352	* Update with new features.
	353
	354	* Fix bugs.
	355
	356	Firmware and changelog can be downloaded from : [[Set up TLS certificate - Dropbox>>https://www.dropbox.com/scl/fo/mk9u5ux3cfo94ke0s67ik/ADOIOdwIQfCO2WUZt0MxXyU?rlkey=7o6uaywrebbnsvuj4r0r694x6&st=smrmjj7t&dl=0\|\|data-sider-select-id="830d1b64-cb24-48b3-91e4-49da5c3f0783"]]
	357
	358	Methods to Update Firmware:
	359
	360	* Update through UART TTL interface : [[Instruction>>url:http://wiki.dragino.com/xwiki/bin/view/Main/UART_Access_for_NB_ST_BC660K-GL/#H4.2UpdateFirmware28Assumethedevicealreadyhaveabootloader29]].
	361
24.5	362	=== 4.2.2 Configure certificate ===
24.2	363
	364
	365	After upgrade the firmware, the serial port displays as follows：
	366
43.1	367	[[image:image-20250306114107-2.png\|\|height="371" width="744"]]
24.2	368
	369
24.5	370	==== 4.2.2.1 Configure CA certificate ====
24.2	371
25.1	372	(% style="color:red" %)Note:You should select one of the certificates.Either CA1 or CA3 can be used
24.2	373
	374	Please input the certificate in PEM format for the user.
	375
	376	Use the AT command AT+CACERT as follows:
	377
	378	AT+CACERT=~-~-~-~--BEGIN CERTIFICATE~-~-~-~--
	379
	380	MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF
	381
	382	ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
	383
	384	b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL
	385
	386	MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv
	387
	388	b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj
	389
	390	ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM
	391
	392	9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw
	393
	394	IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6
	395
	396	VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L
	397
	398	93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm
	399
	400	jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
	401
	402	AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA
	403
	404	A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI
	405
	406	U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs
	407
	408	N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv
	409
	410	o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU
	411
	412	5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy
	413
	414	rqXRfboQnoZsG4q5WTP468SQvvG5
	415
	416	~-~-~-~--END CERTIFICATE~-~-~-~--}
	417
	418	(% style="color:red" %)Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.
	419
	420	[[image:image-20240528174408-14.png]]
	421
	422
	423	After successful execution, as shown in the following figure.
	424
45.1	425	[[image:image-20250306134213-1.png]]
24.2	426
	427	Display (% style="color:blue" %)"Successfully configured CA certificate."(%%) If the configuration is successful, otherwise it is considered configuration failure.
	428
	429
24.5	430	==== 4.2.2.2 Configure client certificate ====
24.2	431
	432
	433	Use the AT command AT+CLICERT as follows：
	434
	435	AT+CLICERT=~-~-~-~--BEGIN CERTIFICATE~-~-~-~--
	436
	437	MIIDWTCCAkGgAwIBAgIUYSpJUzfb4NTa76JJxd2th0fZA8swDQYJKoZIhvcNAQEL
	438
	439	BQAwTTFLMEkGA1UECwxCQW1hem9uIFdlYiBTZXJ2aWNlcyBPPUFtYXpvbi5jb20g
	440
	441	SW5jLiBMPVNlYXR0bGUgU1Q9V2FzaGluZ3RvbiBDPVVTMB4XDTI0MDUyNDA4MDI0
	442
	443	NVoXDTQ5MTIzMTIzNTk1OVowHjEcMBoGA1UEAwwTQVdTIElvVCBDZXJ0aWZpY2F0
	444
	445	ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMTdc1GQLVBohAeCJD6n
	446
	447	6WTFAFrygTch90a5wUr2bhlVuDxvEhEKNcmu5vOCo5agmfLWb2VCxgezgvQOBYQ8
	448
	449	1oTqXJNdl4tS0DICfqb/ogVHWGHRao67XyhbPNBS0j/nCPTIIk6+/NBeYPOjaG+p
	450
	451	utfXE7SGIEcc3RevkYkUJx6y+WH7MLjj1mufuXBVWIL1RrfrIRPw6auVk7dhS5rU
	452
	453	NvYcJa7Qd6gpAh1DzPj7ZECrv7fEIIBDEsSYOy6ToWtzqGIVcIAHBDfORB0Hcm+N
	454
	455	7wG3KDf61P4aWkLlkP5pRUaUIQdVblxginmx2K3n8t/WP7QcfITa191rjEVVBXmk
	456
	457	ROsCAwEAAaNgMF4wHwYDVR0jBBgwFoAUs8Caohh1ZGP8kjSn3rtxJiJJ9IswHQYD
	458
	459	VR0OBBYEFCjwGwqD7FG9UCNm3wjFQX4HixzfMAwGA1UdEwEB/wQCMAAwDgYDVR0P
	460
	461	AQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQBgqI49a4PBQZYrFM63TX3EHgdd
	462
	463	N6Pj7AytjO+SrKNMCSo/OtIvhDTxOocr1vKrux1Tw5qmrllrIXLtlGtbmln5DS6a
	464
	465	DTCLrjwcIFIabLxpx5DPY1WSMYvL04SW7d4Y+3SxOFNRotDSiomr8eIIac0d3HE2
	466
	467	B5b0SnWZgWbrhjNUgvwo8l8tA9DOGIr2MeQ5kPjudOOiYSR3HC0v+jviBMV6VX8M
	468
	469	LHVH3CRshHDKBGpV1NZ1RAm9EY/oRGtSiMsyjRh6hegC0vehwVxaC4w9qG0ASkzz
	470
	471	42OOGfNqhYnYDiKTEIkazaoAFpTKDejWBaL7W5VpthUkQOl67IyX+ohuUKTo
	472
	473	~-~-~-~--END CERTIFICATE~-~-~-~--}
	474
	475	(% style="color:red" %)Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.
	476
	477	[[image:image-20240528174630-16.png\|\|height="553" width="747"]]
	478
	479	Display (% style="color:blue" %)"Successfully configured client certificate."(%%) Configuration successful, otherwise configuration failed.
	480
	481
24.5	482	==== 4.2.2.3 Configure client private key ====
24.2	483
	484
	485	Use the AT command AT+CLIKEY, as shown below
	486
	487	AT+CLIKEY=~-~-~-~--BEGIN RSA PRIVATE KEY~-~-~-~--
	488
	489	MIIEpAIBAAKCAQEAxN1zUZAtUGiEB4IkPqfpZMUAWvKBNyH3RrnBSvZuGVW4PG8S
	490
	491	EQo1ya7m84KjlqCZ8tZvZULGB7OC9A4FhDzWhOpck12Xi1LQMgJ+pv+iBUdYYdFq
	492
	493	jrtfKFs80FLSP+cI9MgiTr780F5g86Nob6m619cTtIYgRxzdF6+RiRQnHrL5Yfsw
	494
	495	uOPWa5+5cFVYgvVGt+shE/Dpq5WTt2FLmtQ29hwlrtB3qCkCHUPM+PtkQKu/t8Qg
	496
	497	gEMSxJg7LpOha3OoYhVwgAcEN85EHQdyb43vAbcoN/rU/hpaQuWQ/mlFRpQhB1Vu
	498
	499	XGCKebHYrefy39Y/tBx8hNrX3WuMRVUFeaRE6wIDAQABAoIBAFhAOcjvjBDGuaEw
	500
	501	CxV3al49HfqnSZuwg0xWSztSm2qKDcwxsnSnEhO2b1vsTW9h0YGV9Vv8gg/Dvkmv
	502
	503	23M7XqM4+IUraJsRZbl1etdcM4KQSCOZoF4Zyv+pXuq4pf31kQNCkHaikWzLUkUG
	504
	505	FPQxr0vA49mCYwfd/ZL3ppM/0IWmxRwloV1Gb9q8iDBUcJGSDokZnT7diUxzzOcd
	506
	507	+UJ6xUhFq1v46Y7vO+73XROLv34JEBC0bIw2ErL6+AbzhHwb2mkuSccG9Ks37g3Z
	508
	509	dyyjjj8hm1wvHWepuWqEssaiS3HD5zAsI0v85xS8RwNj3zLfd8o1WC666n3CO+ij
	510
	511	VdRmR4kCgYEA+/sEFxpfaRomqcLwJebZcZH06U1RfJFfnbH2/Q6fANf8zNxwWs9A
	512
	513	O+jyk/CLhHYRIk6VIOMQmWwEYgJ2eAHfw2Diwj4/0eqkGu+yZOS6KTCewxSV73vc
	514
	515	SvACramJy4y6yEgDN5onwR1XqfVMfA0LzTcSupHR/xvrpf/gCsNFPxUCgYEAyAFd
	516
	517	nMUhJFSq3pOogxA43aJSkA8YuDS3jpBkKQ6vx81APpIMabQauOxFDt488TZGP3Yy
	518
	519	lhpa/lfFIgu2K7CgV4dUp+JtJJoZ/F+ExxUUzdqB4zxzWywAcc3RebfwP6qASwFT
	520
	521	G3mXYci4tgNWR+k5CSsuLXDk/OT5uo5GeGAEc/8CgYEAk6V8uxDP8STKnNRFpN/E
	522
	523	b6CHciDE64m/DgbWY2cq0fK9BUjxaLRhvfj8EqVzCrWnyoNjLHcAJfW+B7PLuPvY
	524
	525	IoJlvE1/Vb/4UnQ7ApVnY3VCwaoRRNc9uIcz+pAJ1sRqOarAf9cLDkPkNwktvM5k
	526
	527	KOXpSnrhIms4w/bPT18l9xUCgYBsAMDKbXEuK0JyGw5+Z/4tQQCQpnZU0rLkm3ha
	528
	529	64FkxaORplBprEZZ4cyQ8NW78/EPSAadI/JLMp5TejuPcDvFyGCgoBcMEuNBc1tC
	530
	531	HlIzr3FAgl5Qt3wt+FTMA9YKq0nINxjn10s2FKwaLccj4f9YwiaXh0VAg22PnlDT
	532
	533	pBYDhQKBgQCMwyKXJ4zYiDRdvLvgKzeuKaU4KNQItHE4KORPfkecjPoENt4bKxDw
	534
	535	2EdNFQLIoqBHL1s+/8+SzhCI31V7pkTs1AqCxDExJS7+8Z5NQFQIo/jooUo0N80E
	536
	537	y3ZZS6OLOXXscEqhMogf1grfbabXM9OkgTIq43cPQHtMGQiFAtIJkg==
	538
	539	~-~-~-~--END RSA PRIVATE KEY~-~-~-~--}
	540
	541	(% style="color:red" %)Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.
	542
	543	[[image:image-20240528174702-17.png]]
	544
	545	Display(% style="color:blue" %) "Successfully configured client private key."(%%) If the configuration is successful, otherwise it is considered configuration failure.
	546
	547
46.1	548	==== 4.2.2.4 Re-upgrade the firmware ====
24.2	549
24.4	550
46.1	551	After completing the certificate configuration, Burn the [[bootloader>>https://www.dropbox.com/scl/fo/ztlw35a9xbkomu71u31im/AE23WqlQ8CKU4cuy-sP1JkM/Utility/NB-IoT%20Bootloader?rlkey=ojjcsw927eaow01dgooldq3nu&e=1&subfolder_nav_tracking=1&dl=0]] firmware first, then re-burn the original working [[firmware>>https://www.dropbox.com/scl/fo/ztlw35a9xbkomu71u31im/ANd2flSqspRRXl-ksF6gUqk/LTE-M?dl=0&rlkey=ojjcsw927eaow01dgooldq3nu&subfolder_nav_tracking=1]].
	552
	553
	554	==== 4.2.2.5 For -CB /-CS model Certificate setting error/change certificate ====
	555
	556
24.2	557	(% data-sider-select-id="7c5a8abc-e707-467b-ac02-db0a89098320" %)When you set the wrong certificate or you need to re-set another certificate.
	558	Please use the following three commands：
	559
24.4	560	(% style="color:blue" %)AT+DELCLIKEY}
24.2	561
24.4	562	(% style="color:blue" %)AT+DELCLICERT}
24.2	563
24.7	564	(% style="color:blue" %)AT+DELCACERT}(%%)
	565	(% style="color:blue" %)
24.2	566
24.4	567	(% style="color:red" %)**Note: 1.When there is no certificate on the device, a deletion error will be displayed.
24.2	568	2.When the device already has a certificate, using the command to configure the certificate again will display a configuration error.**
	569
	570
	571	= (% data-sider-select-id="6b5deb69-539b-42e1-a7bc-a300eb1fea73" %)5. Configure draginoNB-device(%%) =
	572
22.1	573	== 5.1 Configure the data format sent by the device ==
	574
23.2	575
23.7	576	(% style="color:blue" %)AT+PRO=3,5(%%) (Data is in Json format of MQTT)
1.2	577
	578
22.1	579	== 5.2 Set server address ==
1.2	580
23.2	581
23.7	582	(% style="color:blue" %)AT+SERVADDR=an5tk94sdgjat-ats.iot.us-east-1.amazonaws.com,8883
1.2	583
	584
23.2	585	== 5.3 Set up private and public topics ==
1.2	586
23.2	587
1.2	588	AWS does not limit topics, so you can set any topic
	589
23.7	590	(% style="color:blue" %)AT+SUBTOPIC=Any
1.2	591
23.7	592	(% style="color:blue" %)AT+PUBTOPIC=Any
1.2	593
	594
22.1	595	== 5.4 Set the TLS mode ==
1.2	596
23.2	597
24.2	598	(% data-sider-select-id="cf7bb573-8375-4479-9801-df8bb7dab3ba" style="color:blue" %)AT+TLSMOD=1,2
1.2	599
23.7	600	To use the TLS mode certificate function, users need to configure the (% style="color:blue" %)AT+TLSMOD(%%) command.
1.2	601
23.7	602	(% style="color:blue" %)AT+TLSMOD=1,0 (%%) ~/~/ No authentication
1.2	603
23.7	604	(% style="color:blue" %)AT+TLSMOD=1,1 (%%) ~/~/ Perform server authentication
1.2	605
23.7	606	(% style="color:blue" %)AT+TLSMOD=1,2 (%%) ~/~/ Perform server and client authentication if requested by the remote server.(In AWS we recommend using this mode)
1.2	607
	608
24.2	609	(% data-sider-select-id="f443b9bc-1195-4fe2-965d-7de84f78747f" %)
24.4	610	== 5.5 Set the MQOS ==
1.2	611
24.4	612
24.2	613	(% data-sider-select-id="cf7bb573-8375-4479-9801-df8bb7dab3ba" style="color:blue; font-weight:bold" %)AT+MQOS(% data-sider-select-id="cf7bb573-8375-4479-9801-df8bb7dab3ba" style="color:blue" %)=XX （Depends on your server configuration）
23.2	614
24.2	615	Please find it in AWS's MQTT test client
	616
	617	[[image:image-20240529164339-1.png\|\|height="480" width="927"]]
	618
	619
	620	(% data-sider-select-id="fef22158-6e5e-46e4-b59e-fe457e562376" %)
	621	== 5.6 Restart the device ==
	622
	623
22.1	624	= 6. View data on AWS =
1.2	625
23.2	626	== 6.1 Find MQTT test client in test ==
1.2	627
23.2	628
1.2	629	In the fourth step, fill in the topics you subscribed to before
	630
23.7	631	(% style="color:blue" %)AT+PUBTOPIC=XXXX
1.2	632
	633	If you forget your previous topic, you can fill in #,subscribe to all topics
	634
22.1	635	[[image:image-20240528175111-18.png\|\|height="409" width="1014"]]
1.2	636
	637
23.5	638	== 6.2 The data published information in Subscriptions ==
1.2	639
22.1	640
	641	[[image:image-20240528175133-19.png\|\|height="563" width="1022"]]
	642
	643	[[image:image-20240528175154-20.png\|\|height="752" width="1042"]]

Wiki source code of Dragino -NB/-CB device connection to AWS platform instructions

Applications

Navigation