Dear all Loraserver users,
I’ve spent the last two days searching for a way to integrate AWS IoT Core with the Lora-App-Server. I saw some topics in the forum talking about existing problems setting it up. Finally I got the integration working and I would like to share it with all of you.
The following links helped me reach my objective:
- https://www.loraserver.io/lora-app-server/integrate/data/
- https://github.com/gotthardp/lorawan-server/blob/master/doc/Integration.md
- https://forum.loraserver.io/t/nil-error-when-connecting-to-mqtt-broker-aws-iot-core/2003
First you should create a thing in AWS IoT Core, as you can see in link #1. Follow the steps (name, type, groups, attributes…). Then you have to create a certificate. It can be your own certificate issued by a CA, or you could let AWS IoT create it for you. I chose the second option and downloaded the certificate and the public and private keys into the /etc/lora-app-server/certs/ directory. After this you have to go to the security options in the main panel and create a policy. Then you will have to attach this policy to the certificate created before. For the moment we will use the policy given by #1:
```json
{
  "Version": "2012-10-17",
  "Statement": [{
    "Action": "iot:*",
    "Resource": "*",
    "Effect": "Allow"
  }]
}
```
If you go to the thing you created, you will find, in the interact option, the link_point which you will have to insert into the lora-app-server configuration file.
Secondly, in the lora-app-server (mine is running in an Ubuntu 18.06 EC2 instance) you have to modify the /etc/lora-app-server/lora-app-server.toml file as follows:
```toml
# MQTT server (e.g. scheme://host:port where scheme is tcp, ssl or ws)
server="ssl://link_point:8883"
# TLS certificate file (optional)
tls_cert="/etc/lora-app-server/certs/certificate.pem.crt"
# TLS key file (optional)
tls_key="/etc/lora-app-server/certs/private.pem.key"
```
As you can see, it is important to replace the “tcp” scheme with “ssl”, and it’s not necessary to fill in “ca_cert” because that is only for when the certificate is self-generated.
To check that everything is correct, go to the test/trial option in AWS IoT Core and enter a topic like the following one:
```
application/1/device/#
```
If you have an application and a device created, you will see your data in the AWS IoT Core platform. From here, you are free to create and connect any allowed AWS application!
If you have any doubts or would just like to share more about this topic, do not hesitate to write here!
PS: Thanks a lot Brocaar for the work you are doing! It could be a very nice option to implement the AWS Integration, so that users could choose between two big cloud solutions (Google and Amazon). Thanks again!
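
Added example, not part of the original post: the policy quoted above allows every IoT action on every resource, so this sketch builds a narrower policy for the certificate and checks both policies for wildcard grants. The region, account id, client id and the `application/+/device/+/tx` subscription are assumptions, not values from the post.

```python
# The policy shown in the post (from link #1): every IoT action on every resource.
PAGE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "iot:*", "Resource": "*"}]}

def scoped_policy(region, account, client_id):
    """Build a policy limited to one MQTT client and the application/ topic tree.

    Assumption: lora-app-server publishes under application/... and subscribes
    to application/+/device/+/tx; adjust if your topic templates differ.
    client_id must match the MQTT client id the server connects with.
    """
    arn = f"arn:aws:iot:{region}:{account}"
    return {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": "iot:Connect",
         "Resource": f"{arn}:client/{client_id}"},
        {"Effect": "Allow", "Action": "iot:Publish",
         "Resource": f"{arn}:topic/application/*"},
        # MQTT wildcards (+, #) are literal characters in IoT policy ARNs.
        {"Effect": "Allow", "Action": "iot:Subscribe",
         "Resource": f"{arn}:topicfilter/application/+/device/+/tx"},
        {"Effect": "Allow", "Action": "iot:Receive",
         "Resource": f"{arn}:topic/application/*/device/*/tx"},
    ]}

def as_list(value):
    return value if isinstance(value, list) else [value]

def overbroad(policy):
    """Return (statement index, reason) for Allow statements that grant too much."""
    found = []
    unscoped = ("*", "client/*", "topic/*", "topicfilter/*")
    for i, stmt in enumerate(as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        for action in as_list(stmt.get("Action", [])):
            if action in ("*", "iot:*"):
                found.append((i, f"action {action} allows every IoT operation"))
        for res in as_list(stmt.get("Resource", [])):
            if res.split(":")[-1] in unscoped:
                found.append((i, f"resource {res} is not scoped"))
    return found

if __name__ == "__main__":
    # Constructed placeholders: region, account id and client id are not from the post.
    good = scoped_policy("eu-west-1", "123456789012", "lora-app-server")
    for name, pol in (("post", PAGE_POLICY), ("scoped", good)):
        print(name, overbroad(pol) or "ok")
```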