Wiki source code of Dragino -NB/-CB device connection to AWS platform instructions

Version 49.7 by Mengting Qiu on 2025/07/29 14:05

version	line-number	content
23.7	1	Table of Contents:
	2
1.1	3	{{toc/}}
	4
	5
23.7	6
	7
	8
	9
	10
	11
	12
	13
23.6	14	= 1. Log in to the platform and find IoT core =
1.1	15
23.2	16
23.6	17	= 2. Create your own test policy =
1.1	18
23.6	19	== 2.1 First click the policy on the left, enter the page and click Create policy ==
1.1	20
23.7	21
23.3	22	[[image:image-20240528172927-2.png\|\|height="377" width="931"]]
1.1	23
	24
23.6	25	== 2.2 After filling in a policy name for testing, the policy will be displayed on the page ==
23.2	26
	27
1.2	28	a. Fill in any name
1.1	29
	30
35.1	31	b. Fill in * to Policy action and Policy resource (* stands for all)
1.1	32
35.1	33	[[image:image-20250103152135-2.png\|\|height="777" width="1544"]]
22.1	34
35.1	35
1.2	36	c. After clicking to enter the policy configuration page, follow the clicking sequence below to go to the json configuration interface, and then fill in the following fields in the "statement" keyword:
1.1	37
	38
35.1	39	**{
	40	"Version": "2012-10-17",
	41	"Statement": [
	42	{
	43	"Effect": "Allow",
	44	"Action": "iot:*",
	45	"Resource": "*"
	46	}
	47	]
	48	}**
24.6	49
1.1	50
	51
35.1	52	[[image:image-20250103151957-1.png\|\|height="529" width="935"]]
1.2	53
	54	d. Create this policy
	55
	56
22.1	57	= 3. Create a Things =
1.2	58
22.1	59	== 3.1 Create a single Things ==
1.2	60
23.2	61
23.7	62	(% style="color:blue" %)1. Select Create Things
1.2	63
22.1	64	[[image:image-20240528173244-5.png\|\|height="329" width="932"]]
1.2	65
22.1	66	[[image:image-20240528173500-6.png\|\|height="484" width="928"]]
1.2	67
	68
23.7	69	(% style="color:blue" %)2. Fill in the name of the control item you want to create in the thing name column
1.2	70
	71	Use the default for other parameters
	72
	73	Then click Next.
	74
22.1	75	[[image:image-20240528173754-7.png\|\|height="712" width="781"]]
1.2	76
	77
23.7	78	(% style="color:blue" %)3. Choose to automatically generate a new certificate
22.1	79
1.2	80	Then click Next
	81
22.1	82	[[image:image-20240528173829-8.png\|\|height="547" width="782"]]
1.2	83
	84
23.7	85	(% style="color:blue" %)4. The next step is to choose a strategy
22.1	86
1.2	87	Here you can choose a policy we created in the first step
	88
22.1	89	[[image:image-20240528173851-9.png\|\|height="580" width="785"]]
1.2	90
	91
23.7	92	(% style="color:blue" %)5. When you click to create things, the certificate download page will pop up
22.1	93
1.2	94
24.7	95	This certificate is very important. After creating the device, you must download the certificate of the device so that our NB device can connect normally.
24.6	96
1.2	97	Please download all the following certificates and put them in a folder.
	98
22.1	99	[[image:image-20240528173926-10.png]]
1.2	100
	101
23.7	102	(% style="color:blue" %)6. You can see the things you just created in the things
1.2	103
22.1	104	[[image:image-20240528173951-11.png\|\|height="381" width="1089"]]
1.2	105
	106
23.7	107	= 4. Connect to AWS using Dragino-NB device =
1.2	108
28.1	109
29.1	110	(% id="cke_bm_37736S" style="color:red; display:none" %) (% style="color:red" %)Note: (%%)In order to avoid problems with certificate writing, you need to set the serial port assistant to automatically add a newline character when sending commands, if there is no such newline character, the certificate written will be invalid.(Using the serial port assistant as an example)
28.1	111
31.1	112	[[image:image-20240822090554-1.png\|\|height="501" width="656"]]
28.1	113
29.1	114
24.6	115	== 4.1 For -NB /-NS model ==
1.2	116
36.1	117	=== 4.1.1 Upgrade the firmware to configure TLS firmware to set the certificate ===
23.2	118
24.2	119
23.1	120	User can change device firmware to::
1.2	121
23.1	122	* Update with new features.
22.1	123
23.1	124	* Fix bugs.
22.1	125
24.2	126	Firmware and changelog can be downloaded from : [[Set up TLS certificate - Dropbox>>https://www.dropbox.com/scl/fo/1ykfsesmr3702tj3kp663/AOOyH1GiVEOGR41gASuiDk0?rlkey=1q7a1b5yvjgt87d16w8tt0cum&st=vdy765ut&dl=0\|\|data-sider-select-id="830d1b64-cb24-48b3-91e4-49da5c3f0783"]]
23.1	127
	128	Methods to Update Firmware:
	129
	130	* (Recommended way) OTA firmware update via BLE: [[Instruction>>url:http://wiki.dragino.com/xwiki/bin/view/Main/BLE_Firmware_Update_NB_Sensors_BC660K-GL/]].
	131
	132	* Update through UART TTL interface : [[Instruction>>url:http://wiki.dragino.com/xwiki/bin/view/Main/UART_Access_for_NB_ST_BC660K-GL/#H4.2UpdateFirmware28Assumethedevicealreadyhaveabootloader29]].
	133
24.6	134	=== 4.1.2 Configure certificate ===
23.2	135
22.1	136
1.2	137	After upgrade the firmware, the serial port displays as follows：
	138
38.1	139	[[image:image-20250306113602-1.png\|\|height="401" width="856"]]
1.2	140
23.2	141
24.6	142	==== 4.1.2.1 Configure CA certificate ====
1.2	143
23.2	144
1.2	145	Please input the certificate in PEM format for the user.
	146
	147	Use the AT command AT+CACERT as follows:
	148
	149	AT+CACERT=~-~-~-~--BEGIN CERTIFICATE~-~-~-~--
	150
	151	MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF
	152
	153	ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
	154
	155	b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL
	156
	157	MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv
	158
	159	b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj
	160
	161	ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM
	162
	163	9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw
	164
	165	IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6
	166
	167	VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L
	168
	169	93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm
	170
	171	jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
	172
	173	AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA
	174
	175	A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI
	176
	177	U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs
	178
	179	N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv
	180
	181	o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU
	182
	183	5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy
	184
	185	rqXRfboQnoZsG4q5WTP468SQvvG5
	186
	187	~-~-~-~--END CERTIFICATE~-~-~-~--}
	188
23.4	189	(% style="color:red" %)Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.
1.2	190
22.1	191	[[image:image-20240528174408-14.png]]
1.2	192
	193
	194	After successful execution, as shown in the following figure.
	195
41.1	196	[[image:image-20250306113849-2.png\|\|height="742" width="456"]]
1.2	197
23.4	198	Display (% style="color:blue" %)"Successfully configured CA certificate."(%%) If the configuration is successful, otherwise it is considered configuration failure.
1.2	199
23.2	200
24.6	201	==== 4.1.2.2 Configure client certificate ====
1.2	202
23.2	203
1.2	204	Use the AT command AT+CLICERT as follows：
	205
	206	AT+CLICERT=~-~-~-~--BEGIN CERTIFICATE~-~-~-~--
	207
	208	MIIDWTCCAkGgAwIBAgIUYSpJUzfb4NTa76JJxd2th0fZA8swDQYJKoZIhvcNAQEL
	209
	210	BQAwTTFLMEkGA1UECwxCQW1hem9uIFdlYiBTZXJ2aWNlcyBPPUFtYXpvbi5jb20g
	211
	212	SW5jLiBMPVNlYXR0bGUgU1Q9V2FzaGluZ3RvbiBDPVVTMB4XDTI0MDUyNDA4MDI0
	213
	214	NVoXDTQ5MTIzMTIzNTk1OVowHjEcMBoGA1UEAwwTQVdTIElvVCBDZXJ0aWZpY2F0
	215
	216	ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMTdc1GQLVBohAeCJD6n
	217
	218	6WTFAFrygTch90a5wUr2bhlVuDxvEhEKNcmu5vOCo5agmfLWb2VCxgezgvQOBYQ8
	219
	220	1oTqXJNdl4tS0DICfqb/ogVHWGHRao67XyhbPNBS0j/nCPTIIk6+/NBeYPOjaG+p
	221
	222	utfXE7SGIEcc3RevkYkUJx6y+WH7MLjj1mufuXBVWIL1RrfrIRPw6auVk7dhS5rU
	223
	224	NvYcJa7Qd6gpAh1DzPj7ZECrv7fEIIBDEsSYOy6ToWtzqGIVcIAHBDfORB0Hcm+N
	225
	226	7wG3KDf61P4aWkLlkP5pRUaUIQdVblxginmx2K3n8t/WP7QcfITa191rjEVVBXmk
	227
	228	ROsCAwEAAaNgMF4wHwYDVR0jBBgwFoAUs8Caohh1ZGP8kjSn3rtxJiJJ9IswHQYD
	229
	230	VR0OBBYEFCjwGwqD7FG9UCNm3wjFQX4HixzfMAwGA1UdEwEB/wQCMAAwDgYDVR0P
	231
	232	AQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQBgqI49a4PBQZYrFM63TX3EHgdd
	233
	234	N6Pj7AytjO+SrKNMCSo/OtIvhDTxOocr1vKrux1Tw5qmrllrIXLtlGtbmln5DS6a
	235
	236	DTCLrjwcIFIabLxpx5DPY1WSMYvL04SW7d4Y+3SxOFNRotDSiomr8eIIac0d3HE2
	237
	238	B5b0SnWZgWbrhjNUgvwo8l8tA9DOGIr2MeQ5kPjudOOiYSR3HC0v+jviBMV6VX8M
	239
	240	LHVH3CRshHDKBGpV1NZ1RAm9EY/oRGtSiMsyjRh6hegC0vehwVxaC4w9qG0ASkzz
	241
	242	42OOGfNqhYnYDiKTEIkazaoAFpTKDejWBaL7W5VpthUkQOl67IyX+ohuUKTo
	243
	244	~-~-~-~--END CERTIFICATE~-~-~-~--}
	245
23.4	246	(% style="color:red" %)Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.
1.2	247
22.1	248	[[image:image-20240528174630-16.png\|\|height="553" width="747"]]
1.2	249
23.4	250	Display (% style="color:blue" %)"Successfully configured client certificate."(%%) Configuration successful, otherwise configuration failed.
1.2	251
23.2	252
24.6	253	==== 4.1.2.3 Configure client private key ====
1.2	254
23.2	255
1.2	256	Use the AT command AT+CLIKEY, as shown below
	257
	258	AT+CLIKEY=~-~-~-~--BEGIN RSA PRIVATE KEY~-~-~-~--
	259
	260	MIIEpAIBAAKCAQEAxN1zUZAtUGiEB4IkPqfpZMUAWvKBNyH3RrnBSvZuGVW4PG8S
	261
	262	EQo1ya7m84KjlqCZ8tZvZULGB7OC9A4FhDzWhOpck12Xi1LQMgJ+pv+iBUdYYdFq
	263
	264	jrtfKFs80FLSP+cI9MgiTr780F5g86Nob6m619cTtIYgRxzdF6+RiRQnHrL5Yfsw
	265
	266	uOPWa5+5cFVYgvVGt+shE/Dpq5WTt2FLmtQ29hwlrtB3qCkCHUPM+PtkQKu/t8Qg
	267
	268	gEMSxJg7LpOha3OoYhVwgAcEN85EHQdyb43vAbcoN/rU/hpaQuWQ/mlFRpQhB1Vu
	269
	270	XGCKebHYrefy39Y/tBx8hNrX3WuMRVUFeaRE6wIDAQABAoIBAFhAOcjvjBDGuaEw
	271
	272	CxV3al49HfqnSZuwg0xWSztSm2qKDcwxsnSnEhO2b1vsTW9h0YGV9Vv8gg/Dvkmv
	273
	274	23M7XqM4+IUraJsRZbl1etdcM4KQSCOZoF4Zyv+pXuq4pf31kQNCkHaikWzLUkUG
	275
	276	FPQxr0vA49mCYwfd/ZL3ppM/0IWmxRwloV1Gb9q8iDBUcJGSDokZnT7diUxzzOcd
	277
	278	+UJ6xUhFq1v46Y7vO+73XROLv34JEBC0bIw2ErL6+AbzhHwb2mkuSccG9Ks37g3Z
	279
	280	dyyjjj8hm1wvHWepuWqEssaiS3HD5zAsI0v85xS8RwNj3zLfd8o1WC666n3CO+ij
	281
	282	VdRmR4kCgYEA+/sEFxpfaRomqcLwJebZcZH06U1RfJFfnbH2/Q6fANf8zNxwWs9A
	283
	284	O+jyk/CLhHYRIk6VIOMQmWwEYgJ2eAHfw2Diwj4/0eqkGu+yZOS6KTCewxSV73vc
	285
	286	SvACramJy4y6yEgDN5onwR1XqfVMfA0LzTcSupHR/xvrpf/gCsNFPxUCgYEAyAFd
	287
	288	nMUhJFSq3pOogxA43aJSkA8YuDS3jpBkKQ6vx81APpIMabQauOxFDt488TZGP3Yy
	289
	290	lhpa/lfFIgu2K7CgV4dUp+JtJJoZ/F+ExxUUzdqB4zxzWywAcc3RebfwP6qASwFT
	291
	292	G3mXYci4tgNWR+k5CSsuLXDk/OT5uo5GeGAEc/8CgYEAk6V8uxDP8STKnNRFpN/E
	293
	294	b6CHciDE64m/DgbWY2cq0fK9BUjxaLRhvfj8EqVzCrWnyoNjLHcAJfW+B7PLuPvY
	295
	296	IoJlvE1/Vb/4UnQ7ApVnY3VCwaoRRNc9uIcz+pAJ1sRqOarAf9cLDkPkNwktvM5k
	297
	298	KOXpSnrhIms4w/bPT18l9xUCgYBsAMDKbXEuK0JyGw5+Z/4tQQCQpnZU0rLkm3ha
	299
	300	64FkxaORplBprEZZ4cyQ8NW78/EPSAadI/JLMp5TejuPcDvFyGCgoBcMEuNBc1tC
	301
	302	HlIzr3FAgl5Qt3wt+FTMA9YKq0nINxjn10s2FKwaLccj4f9YwiaXh0VAg22PnlDT
	303
	304	pBYDhQKBgQCMwyKXJ4zYiDRdvLvgKzeuKaU4KNQItHE4KORPfkecjPoENt4bKxDw
	305
	306	2EdNFQLIoqBHL1s+/8+SzhCI31V7pkTs1AqCxDExJS7+8Z5NQFQIo/jooUo0N80E
	307
	308	y3ZZS6OLOXXscEqhMogf1grfbabXM9OkgTIq43cPQHtMGQiFAtIJkg==
	309
	310	~-~-~-~--END RSA PRIVATE KEY~-~-~-~--}
	311
23.4	312	(% style="color:red" %)Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.
1.2	313
22.1	314	[[image:image-20240528174702-17.png]]
1.2	315
23.7	316	Display(% style="color:blue" %) "Successfully configured client private key."(%%) If the configuration is successful, otherwise it is considered configuration failure.
1.2	317
23.2	318
24.6	319	==== 4.1.2.4 Re-upgrade the firmware ====
1.2	320
	321
32.1	322	After completing the certificate configuration, Burn the [[bootloader>>https://www.dropbox.com/sh/u0uzvvnn58yrie4/AAAvvF_KRveNgmDejzp23ziLa/NB-IoT/Bootloader?dl=0&subfolder_nav_tracking=1]] firmware first, then re-burn the original working [[firmware>>https://www.dropbox.com/sh/u0uzvvnn58yrie4/AACREHllkTe0rATD4ZOqddyga/NB-IoT?dl=0]].
23.2	323
	324
49.7	325	==== 4.1.2.5 Overwriting Certificates on -NB/-NS Models Certificate Management for -NB/-NS Models ====
48.2	326
	327
49.7	328
49.2	329	The -NB/-NS modules (BC660K) do not support clearing certificates via AT commands or firmware updates.
48.2	330
49.2	331	To effectively "clear" existing certificates, users may overwrite them with arbitrary data by following these steps:
	332
49.3	333	1. Overwrite Certificates:
49.2	334
49.4	335	Use the standard AT commands (AT+CACERT, AT+CLICERT, AT+CLIKEY) to write non-certificate data (e.g., random strings like 123456).
	336	Example:
49.2	337
49.5	338	AT+CACERT=123456}
49.2	339
49.5	340	AT+CLICERT=123456}
49.3	341
49.5	342	AT+CLIKEY=123456}
	343
49.6	344	2. Upload Valid Certificates (Optional):
49.5	345
49.6	346	After overwriting, users may proceed to upload new valid certificates if needed.
49.5	347
49.6	348
24.2	349	== 4.2 For -CB /-CS model ==
1.2	350
36.1	351	=== 4.2.1 Upgrade the firmware to configure TLS firmware to set the certificate ===
24.2	352
	353
	354	User can change device firmware to::
	355
	356	* Update with new features.
	357
	358	* Fix bugs.
	359
	360	Firmware and changelog can be downloaded from : [[Set up TLS certificate - Dropbox>>https://www.dropbox.com/scl/fo/mk9u5ux3cfo94ke0s67ik/ADOIOdwIQfCO2WUZt0MxXyU?rlkey=7o6uaywrebbnsvuj4r0r694x6&st=smrmjj7t&dl=0\|\|data-sider-select-id="830d1b64-cb24-48b3-91e4-49da5c3f0783"]]
	361
	362	Methods to Update Firmware:
	363
	364	* Update through UART TTL interface : [[Instruction>>url:http://wiki.dragino.com/xwiki/bin/view/Main/UART_Access_for_NB_ST_BC660K-GL/#H4.2UpdateFirmware28Assumethedevicealreadyhaveabootloader29]].
	365
24.5	366	=== 4.2.2 Configure certificate ===
24.2	367
	368
	369	After upgrade the firmware, the serial port displays as follows：
	370
43.1	371	[[image:image-20250306114107-2.png\|\|height="371" width="744"]]
24.2	372
	373
24.5	374	==== 4.2.2.1 Configure CA certificate ====
24.2	375
25.1	376	(% style="color:red" %)Note:You should select one of the certificates.Either CA1 or CA3 can be used
24.2	377
	378	Please input the certificate in PEM format for the user.
	379
	380	Use the AT command AT+CACERT as follows:
	381
	382	AT+CACERT=~-~-~-~--BEGIN CERTIFICATE~-~-~-~--
	383
	384	MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF
	385
	386	ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
	387
	388	b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL
	389
	390	MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv
	391
	392	b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj
	393
	394	ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM
	395
	396	9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw
	397
	398	IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6
	399
	400	VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L
	401
	402	93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm
	403
	404	jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
	405
	406	AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA
	407
	408	A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI
	409
	410	U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs
	411
	412	N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv
	413
	414	o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU
	415
	416	5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy
	417
	418	rqXRfboQnoZsG4q5WTP468SQvvG5
	419
	420	~-~-~-~--END CERTIFICATE~-~-~-~--}
	421
	422	(% style="color:red" %)Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.
	423
	424	[[image:image-20240528174408-14.png]]
	425
	426
	427	After successful execution, as shown in the following figure.
	428
45.1	429	[[image:image-20250306134213-1.png]]
24.2	430
	431	Display (% style="color:blue" %)"Successfully configured CA certificate."(%%) If the configuration is successful, otherwise it is considered configuration failure.
	432
	433
24.5	434	==== 4.2.2.2 Configure client certificate ====
24.2	435
	436
	437	Use the AT command AT+CLICERT as follows：
	438
	439	AT+CLICERT=~-~-~-~--BEGIN CERTIFICATE~-~-~-~--
	440
	441	MIIDWTCCAkGgAwIBAgIUYSpJUzfb4NTa76JJxd2th0fZA8swDQYJKoZIhvcNAQEL
	442
	443	BQAwTTFLMEkGA1UECwxCQW1hem9uIFdlYiBTZXJ2aWNlcyBPPUFtYXpvbi5jb20g
	444
	445	SW5jLiBMPVNlYXR0bGUgU1Q9V2FzaGluZ3RvbiBDPVVTMB4XDTI0MDUyNDA4MDI0
	446
	447	NVoXDTQ5MTIzMTIzNTk1OVowHjEcMBoGA1UEAwwTQVdTIElvVCBDZXJ0aWZpY2F0
	448
	449	ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMTdc1GQLVBohAeCJD6n
	450
	451	6WTFAFrygTch90a5wUr2bhlVuDxvEhEKNcmu5vOCo5agmfLWb2VCxgezgvQOBYQ8
	452
	453	1oTqXJNdl4tS0DICfqb/ogVHWGHRao67XyhbPNBS0j/nCPTIIk6+/NBeYPOjaG+p
	454
	455	utfXE7SGIEcc3RevkYkUJx6y+WH7MLjj1mufuXBVWIL1RrfrIRPw6auVk7dhS5rU
	456
	457	NvYcJa7Qd6gpAh1DzPj7ZECrv7fEIIBDEsSYOy6ToWtzqGIVcIAHBDfORB0Hcm+N
	458
	459	7wG3KDf61P4aWkLlkP5pRUaUIQdVblxginmx2K3n8t/WP7QcfITa191rjEVVBXmk
	460
	461	ROsCAwEAAaNgMF4wHwYDVR0jBBgwFoAUs8Caohh1ZGP8kjSn3rtxJiJJ9IswHQYD
	462
	463	VR0OBBYEFCjwGwqD7FG9UCNm3wjFQX4HixzfMAwGA1UdEwEB/wQCMAAwDgYDVR0P
	464
	465	AQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQBgqI49a4PBQZYrFM63TX3EHgdd
	466
	467	N6Pj7AytjO+SrKNMCSo/OtIvhDTxOocr1vKrux1Tw5qmrllrIXLtlGtbmln5DS6a
	468
	469	DTCLrjwcIFIabLxpx5DPY1WSMYvL04SW7d4Y+3SxOFNRotDSiomr8eIIac0d3HE2
	470
	471	B5b0SnWZgWbrhjNUgvwo8l8tA9DOGIr2MeQ5kPjudOOiYSR3HC0v+jviBMV6VX8M
	472
	473	LHVH3CRshHDKBGpV1NZ1RAm9EY/oRGtSiMsyjRh6hegC0vehwVxaC4w9qG0ASkzz
	474
	475	42OOGfNqhYnYDiKTEIkazaoAFpTKDejWBaL7W5VpthUkQOl67IyX+ohuUKTo
	476
	477	~-~-~-~--END CERTIFICATE~-~-~-~--}
	478
	479	(% style="color:red" %)Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.
	480
	481	[[image:image-20240528174630-16.png\|\|height="553" width="747"]]
	482
	483	Display (% style="color:blue" %)"Successfully configured client certificate."(%%) Configuration successful, otherwise configuration failed.
	484
	485
24.5	486	==== 4.2.2.3 Configure client private key ====
24.2	487
	488
	489	Use the AT command AT+CLIKEY, as shown below
	490
	491	AT+CLIKEY=~-~-~-~--BEGIN RSA PRIVATE KEY~-~-~-~--
	492
	493	MIIEpAIBAAKCAQEAxN1zUZAtUGiEB4IkPqfpZMUAWvKBNyH3RrnBSvZuGVW4PG8S
	494
	495	EQo1ya7m84KjlqCZ8tZvZULGB7OC9A4FhDzWhOpck12Xi1LQMgJ+pv+iBUdYYdFq
	496
	497	jrtfKFs80FLSP+cI9MgiTr780F5g86Nob6m619cTtIYgRxzdF6+RiRQnHrL5Yfsw
	498
	499	uOPWa5+5cFVYgvVGt+shE/Dpq5WTt2FLmtQ29hwlrtB3qCkCHUPM+PtkQKu/t8Qg
	500
	501	gEMSxJg7LpOha3OoYhVwgAcEN85EHQdyb43vAbcoN/rU/hpaQuWQ/mlFRpQhB1Vu
	502
	503	XGCKebHYrefy39Y/tBx8hNrX3WuMRVUFeaRE6wIDAQABAoIBAFhAOcjvjBDGuaEw
	504
	505	CxV3al49HfqnSZuwg0xWSztSm2qKDcwxsnSnEhO2b1vsTW9h0YGV9Vv8gg/Dvkmv
	506
	507	23M7XqM4+IUraJsRZbl1etdcM4KQSCOZoF4Zyv+pXuq4pf31kQNCkHaikWzLUkUG
	508
	509	FPQxr0vA49mCYwfd/ZL3ppM/0IWmxRwloV1Gb9q8iDBUcJGSDokZnT7diUxzzOcd
	510
	511	+UJ6xUhFq1v46Y7vO+73XROLv34JEBC0bIw2ErL6+AbzhHwb2mkuSccG9Ks37g3Z
	512
	513	dyyjjj8hm1wvHWepuWqEssaiS3HD5zAsI0v85xS8RwNj3zLfd8o1WC666n3CO+ij
	514
	515	VdRmR4kCgYEA+/sEFxpfaRomqcLwJebZcZH06U1RfJFfnbH2/Q6fANf8zNxwWs9A
	516
	517	O+jyk/CLhHYRIk6VIOMQmWwEYgJ2eAHfw2Diwj4/0eqkGu+yZOS6KTCewxSV73vc
	518
	519	SvACramJy4y6yEgDN5onwR1XqfVMfA0LzTcSupHR/xvrpf/gCsNFPxUCgYEAyAFd
	520
	521	nMUhJFSq3pOogxA43aJSkA8YuDS3jpBkKQ6vx81APpIMabQauOxFDt488TZGP3Yy
	522
	523	lhpa/lfFIgu2K7CgV4dUp+JtJJoZ/F+ExxUUzdqB4zxzWywAcc3RebfwP6qASwFT
	524
	525	G3mXYci4tgNWR+k5CSsuLXDk/OT5uo5GeGAEc/8CgYEAk6V8uxDP8STKnNRFpN/E
	526
	527	b6CHciDE64m/DgbWY2cq0fK9BUjxaLRhvfj8EqVzCrWnyoNjLHcAJfW+B7PLuPvY
	528
	529	IoJlvE1/Vb/4UnQ7ApVnY3VCwaoRRNc9uIcz+pAJ1sRqOarAf9cLDkPkNwktvM5k
	530
	531	KOXpSnrhIms4w/bPT18l9xUCgYBsAMDKbXEuK0JyGw5+Z/4tQQCQpnZU0rLkm3ha
	532
	533	64FkxaORplBprEZZ4cyQ8NW78/EPSAadI/JLMp5TejuPcDvFyGCgoBcMEuNBc1tC
	534
	535	HlIzr3FAgl5Qt3wt+FTMA9YKq0nINxjn10s2FKwaLccj4f9YwiaXh0VAg22PnlDT
	536
	537	pBYDhQKBgQCMwyKXJ4zYiDRdvLvgKzeuKaU4KNQItHE4KORPfkecjPoENt4bKxDw
	538
	539	2EdNFQLIoqBHL1s+/8+SzhCI31V7pkTs1AqCxDExJS7+8Z5NQFQIo/jooUo0N80E
	540
	541	y3ZZS6OLOXXscEqhMogf1grfbabXM9OkgTIq43cPQHtMGQiFAtIJkg==
	542
	543	~-~-~-~--END RSA PRIVATE KEY~-~-~-~--}
	544
	545	(% style="color:red" %)Note: Be sure to add a terminator "}" at the end of the command. Otherwise, the command will not execute successfully.
	546
	547	[[image:image-20240528174702-17.png]]
	548
	549	Display(% style="color:blue" %) "Successfully configured client private key."(%%) If the configuration is successful, otherwise it is considered configuration failure.
	550
	551
46.1	552	==== 4.2.2.4 Re-upgrade the firmware ====
24.2	553
24.4	554
46.1	555	After completing the certificate configuration, Burn the [[bootloader>>https://www.dropbox.com/scl/fo/ztlw35a9xbkomu71u31im/AE23WqlQ8CKU4cuy-sP1JkM/Utility/NB-IoT%20Bootloader?rlkey=ojjcsw927eaow01dgooldq3nu&e=1&subfolder_nav_tracking=1&dl=0]] firmware first, then re-burn the original working [[firmware>>https://www.dropbox.com/scl/fo/ztlw35a9xbkomu71u31im/ANd2flSqspRRXl-ksF6gUqk/LTE-M?dl=0&rlkey=ojjcsw927eaow01dgooldq3nu&subfolder_nav_tracking=1]].
	556
	557
	558	==== 4.2.2.5 For -CB /-CS model Certificate setting error/change certificate ====
	559
	560
24.2	561	(% data-sider-select-id="7c5a8abc-e707-467b-ac02-db0a89098320" %)When you set the wrong certificate or you need to re-set another certificate.
	562	Please use the following three commands：
	563
24.4	564	(% style="color:blue" %)AT+DELCLIKEY}
24.2	565
24.4	566	(% style="color:blue" %)AT+DELCLICERT}
24.2	567
24.7	568	(% style="color:blue" %)AT+DELCACERT}(%%)
	569	(% style="color:blue" %)
24.2	570
24.4	571	(% style="color:red" %)**Note: 1.When there is no certificate on the device, a deletion error will be displayed.
24.2	572	2.When the device already has a certificate, using the command to configure the certificate again will display a configuration error.**
	573
	574
	575	= (% data-sider-select-id="6b5deb69-539b-42e1-a7bc-a300eb1fea73" %)5. Configure draginoNB-device(%%) =
	576
22.1	577	== 5.1 Configure the data format sent by the device ==
	578
23.2	579
23.7	580	(% style="color:blue" %)AT+PRO=3,5(%%) (Data is in Json format of MQTT)
1.2	581
	582
22.1	583	== 5.2 Set server address ==
1.2	584
23.2	585
23.7	586	(% style="color:blue" %)AT+SERVADDR=an5tk94sdgjat-ats.iot.us-east-1.amazonaws.com,8883
1.2	587
	588
23.2	589	== 5.3 Set up private and public topics ==
1.2	590
23.2	591
1.2	592	AWS does not limit topics, so you can set any topic
	593
23.7	594	(% style="color:blue" %)AT+SUBTOPIC=Any
1.2	595
23.7	596	(% style="color:blue" %)AT+PUBTOPIC=Any
1.2	597
	598
22.1	599	== 5.4 Set the TLS mode ==
1.2	600
23.2	601
24.2	602	(% data-sider-select-id="cf7bb573-8375-4479-9801-df8bb7dab3ba" style="color:blue" %)AT+TLSMOD=1,2
1.2	603
23.7	604	To use the TLS mode certificate function, users need to configure the (% style="color:blue" %)AT+TLSMOD(%%) command.
1.2	605
23.7	606	(% style="color:blue" %)AT+TLSMOD=1,0 (%%) ~/~/ No authentication
1.2	607
23.7	608	(% style="color:blue" %)AT+TLSMOD=1,1 (%%) ~/~/ Perform server authentication
1.2	609
23.7	610	(% style="color:blue" %)AT+TLSMOD=1,2 (%%) ~/~/ Perform server and client authentication if requested by the remote server.(In AWS we recommend using this mode)
1.2	611
	612
24.2	613	(% data-sider-select-id="f443b9bc-1195-4fe2-965d-7de84f78747f" %)
24.4	614	== 5.5 Set the MQOS ==
1.2	615
24.4	616
24.2	617	(% data-sider-select-id="cf7bb573-8375-4479-9801-df8bb7dab3ba" style="color:blue; font-weight:bold" %)AT+MQOS(% data-sider-select-id="cf7bb573-8375-4479-9801-df8bb7dab3ba" style="color:blue" %)=XX （Depends on your server configuration）
23.2	618
24.2	619	Please find it in AWS's MQTT test client
	620
	621	[[image:image-20240529164339-1.png\|\|height="480" width="927"]]
	622
	623
	624	(% data-sider-select-id="fef22158-6e5e-46e4-b59e-fe457e562376" %)
	625	== 5.6 Restart the device ==
	626
	627
22.1	628	= 6. View data on AWS =
1.2	629
23.2	630	== 6.1 Find MQTT test client in test ==
1.2	631
23.2	632
1.2	633	In the fourth step, fill in the topics you subscribed to before
	634
23.7	635	(% style="color:blue" %)AT+PUBTOPIC=XXXX
1.2	636
	637	If you forget your previous topic, you can fill in #,subscribe to all topics
	638
22.1	639	[[image:image-20240528175111-18.png\|\|height="409" width="1014"]]
1.2	640
	641
23.5	642	== 6.2 The data published information in Subscriptions ==
1.2	643
22.1	644
	645	[[image:image-20240528175133-19.png\|\|height="563" width="1022"]]
	646
	647	[[image:image-20240528175154-20.png\|\|height="752" width="1042"]]

Wiki source code of Dragino -NB/-CB device connection to AWS platform instructions

Applications

Navigation