Hello everybody,
I’m installing on a raspberry pi 3 a LoRa network by following the tutorial https://www.loraserver.io/loraserver/overview/ . I’m currently stack at the step of the certificate and I don’t know why. I did all the forum and post I could find it helped me a lot but i’m now stuck.
I got the error message on the GUI of the lora-app-server : Error tls: private key does not match public key (code: 2) when i try to add a network server.
I created the certificats, declared them in loraserver.toml and lora-app-server.toml but I can’t have a proper hanshake and I don’t see where is my mistake.
Servers logs:
************ Loraserver logs ***************
Sep 05 10:46:28 raspberrypi systemd[1]: Starting LoRa Server…
Sep 05 10:46:28 raspberrypi systemd[1]: Started LoRa Server.
Sep 05 10:46:28 raspberrypi loraserver[3023]: time=“2018-09-05T10:46:28+02:00” level=info msg=“starting LoRa Server” band=EU_863_870 docs=“https://docs.loraserver.io/” net_id=010203 version=1.0.0
Sep 05 10:46:28 raspberrypi loraserver[3023]: time=“2018-09-05T10:46:28+02:00” level=info msg=“disabling all channels”
Sep 05 10:46:28 raspberrypi loraserver[3023]: time=“2018-09-05T10:46:28+02:00” level=info msg=“enabling channels” channels="[0 1 2]"
Sep 05 10:46:28 raspberrypi loraserver[3023]: time=“2018-09-05T10:46:28+02:00” level=info msg=“setup redis connection pool” url=“redis://localhost:6379”
Sep 05 10:46:28 raspberrypi loraserver[3023]: time=“2018-09-05T10:46:28+02:00” level=info msg=“connecting to postgresql”
Sep 05 10:46:28 raspberrypi loraserver[3023]: time=“2018-09-05T10:46:28+02:00” level=info msg=“backend/gateway: TLS config is empty”
Sep 05 10:46:28 raspberrypi loraserver[3023]: time=“2018-09-05T10:46:28+02:00” level=info msg=“backend/gateway: connecting to mqtt broker” server=“tcp://localhost:1883”
Sep 05 10:46:28 raspberrypi loraserver[3023]: time=“2018-09-05T10:46:28+02:00” level=info msg=“configuring join-server client” ca_cert= server=“http://localhost:8003” tls_cert= tls_key=
Sep 05 10:46:28 raspberrypi loraserver[3023]: time=“2018-09-05T10:46:28+02:00” level=info msg=“no network-controller configured”
Sep 05 10:46:28 raspberrypi loraserver[3023]: time=“2018-09-05T10:46:28+02:00” level=info msg=“applying database migrations”
Sep 05 10:46:28 raspberrypi loraserver[3023]: time=“2018-09-05T10:46:28+02:00” level=info msg=“backend/gateway: connected to mqtt server”
Sep 05 10:46:28 raspberrypi loraserver[3023]: time=“2018-09-05T10:46:28+02:00” level=info msg=“backend/gateway: subscribing to rx topic” qos=0 topic=gateway/+/rx
Sep 05 10:46:28 raspberrypi loraserver[3023]: time=“2018-09-05T10:46:28+02:00” level=info msg=“backend/gateway: subscribing to stats topic” qos=0 topic=gateway/+/stats
Sep 05 10:46:28 raspberrypi loraserver[3023]: time=“2018-09-05T10:46:28+02:00” level=info msg=“migrations applied” count=0
Sep 05 10:46:28 raspberrypi loraserver[3023]: time=“2018-09-05T10:46:28+02:00” level=info msg=“starting api server” bind=“0.0.0.0:8084” ca-cert=/etc/default/lora-certs/ca/ca.pem tls-cert=/etc/default/lora-certs/loraserver/api/server/loraserver-api-server.pem tls-key=/etc/default/lora-certs/loraserver/api/server/loraserver-api-server-key.pem
Sep 05 10:46:28 raspberrypi loraserver[3023]: time=“2018-09-05T10:46:28+02:00” level=info msg=“starting downlink device-queue scheduler”
Sep 05 10:47:33 raspberrypi loraserver[3023]: time=“2018-09-05T10:47:33+02:00” level=warning msg=“grpc: Server.Serve failed to complete security handshake from “[::1]:52302”: tls: first record does not look like a TLS handshake”
************ Lora-app-server logs ***************
Sep 05 14:02:12 raspberrypi systemd[1]: Starting LoRa App Server…
Sep 05 14:02:12 raspberrypi systemd[1]: Started LoRa App Server.
Sep 05 14:02:12 raspberrypi lora-app-server[4223]: time=“2018-09-05T14:02:12+02:00” level=info msg=“starting LoRa App Server” docs=“https://www.loraserver.io/” version=1.0.2
Sep 05 14:02:12 raspberrypi lora-app-server[4223]: time=“2018-09-05T14:02:12+02:00” level=info msg=“connecting to postgresql”
Sep 05 14:02:12 raspberrypi lora-app-server[4223]: time=“2018-09-05T14:02:12+02:00” level=info msg=“setup redis connection pool”
Sep 05 14:02:12 raspberrypi lora-app-server[4223]: time=“2018-09-05T14:02:12+02:00” level=info msg=“handler/mqtt: TLS config is empty”
Sep 05 14:02:12 raspberrypi lora-app-server[4223]: time=“2018-09-05T14:02:12+02:00” level=info msg=“handler/mqtt: connecting to mqtt broker” server=“tcp://localhost:1883”
Sep 05 14:02:12 raspberrypi lora-app-server[4223]: time=“2018-09-05T14:02:12+02:00” level=info msg=“applying database migrations”
Sep 05 14:02:12 raspberrypi lora-app-server[4223]: time=“2018-09-05T14:02:12+02:00” level=info msg=“handler/mqtt: connected to mqtt broker”
Sep 05 14:02:12 raspberrypi lora-app-server[4223]: time=“2018-09-05T14:02:12+02:00” level=info msg=“handler/mqtt: subscribing to tx topic” qos=0 topic=application/+/device/+/tx
Sep 05 14:02:12 raspberrypi lora-app-server[4223]: time=“2018-09-05T14:02:12+02:00” level=info msg=“migrations applied” count=0
Sep 05 14:02:12 raspberrypi lora-app-server[4223]: time=“2018-09-05T14:02:12+02:00” level=info msg=“starting application-server api” bind=“127.0.0.1:8001” ca-cert=/etc/default/lora-certs/ca/ca.pem tls-cert=/etc/default/lora-certs/lora-app-server/api/server/lora-app-server-api-server.pem tls-key=/etc/default/lora-certs/lora-app-server/api/server/lora-app-server-api-server-key.pem
Sep 05 14:02:12 raspberrypi lora-app-server[4223]: time=“2018-09-05T14:02:12+02:00” level=info msg=“starting join-server api” bind=“0.0.0.0:8003” ca_cert= tls_cert= tls_key=
Sep 05 14:02:12 raspberrypi lora-app-server[4223]: time=“2018-09-05T14:02:12+02:00” level=info msg=“starting client api server” bind=“0.0.0.0:8080” tls-cert=/etc/lora-app-server/certs/http.pem tls-key=/etc/lora-app-server/certs/http-key.pem
Sep 05 14:02:12 raspberrypi lora-app-server[4223]: time=“2018-09-05T14:02:12+02:00” level=info msg=“registering rest api handler and documentation endpoint” path=/api
Sep 05 14:36:21 raspberrypi lora-app-server[4223]: time=“2018-09-05T14:36:21+02:00” level=info msg=“finished unary call with code OK” grpc.code=OK grpc.method=Branding grpc.service=api.Internal grpc.start_time=“2018-09-05T14:36:21+02:00” grpc.time_ms=0.062 peer.address="[::1]:52312" span.kind=server system=grpc
Sep 05 14:36:21 raspberrypi lora-app-server[4223]: time=“2018-09-05T14:36:21+02:00” level=info msg=“finished unary call with code OK” grpc.code=OK grpc.method=Profile grpc.service=api.Internal grpc.start_time=“2018-09-05T14:36:21+02:00” grpc.time_ms=43.057 peer.address="[::1]:52312" span.kind=server system=grpc
Sep 05 14:36:21 raspberrypi lora-app-server[4223]: time=“2018-09-05T14:36:21+02:00” level=info msg=“finished unary call with code OK” grpc.code=OK grpc.method=List grpc.service=api.Organization grpc.start_time=“2018-09-05T14:36:21+02:00” grpc.time_ms=18.335 peer.address="[::1]:52320" span.kind=server system=grpc
Sep 05 14:36:26 raspberrypi lora-app-server[4223]: 2018/09/05 14:36:26 http: TLS handshake error from 192.168.0.102:62049: tls: first record does not look like a TLS handshake
Sep 05 14:36:26 raspberrypi lora-app-server[4223]: 2018/09/05 14:36:26 http: TLS handshake error from 192.168.0.102:62050: tls: first record does not look like a TLS handshake
Sep 05 14:36:31 raspberrypi lora-app-server[4223]: 2018/09/05 14:36:31 http: TLS handshake error from 192.168.0.102:62051: tls: first record does not look like a TLS handshake
Sep 05 14:36:37 raspberrypi lora-app-server[4223]: time=“2018-09-05T14:36:37+02:00” level=info msg=“finished unary call with code OK” grpc.code=OK grpc.method=Branding grpc.service=api.Internal grpc.start_time=“2018-09-05T14:36:37+02:00” grpc.time_ms=0.055 peer.address="[::1]:52312" span.kind=server system=grpc
Configuration of the servers:
************ Loraserver Config ***************
Network-server API
This is the network-server API that is used by LoRa App Server or other
custom components interacting with LoRa Server.
[network_server.api]
ip:port to bind the api server
bind=“0.0.0.0:8084”
ca certificate used by the api server (optional)
ca_cert="/etc/default/lora-certs/ca/ca.pem"
tls certificate used by the api server (optional)
tls_cert="/etc/default/lora-certs/loraserver/api/server/loraserver-api-server.pem"
tls key used by the api server (optional)
tls_key="/etc/default/lora-certs/loraserver/api/server/loraserver-api-server-key.pem"
************ Lora-App-server Config ***************
Settings for the “internal api”
This is the API used by LoRa Server to communicate with LoRa App Server
and should not be exposed to the end-user.
[application_server.api]
ip:port to bind the api server
bind=“127.0.0.1:8001”
ca certificate used by the api server (optional)
ca_cert="/etc/default/lora-certs/ca/ca.pem"
tls certificate used by the api server (optional)
tls_cert="/etc/lora-app-server/certs/http.pem"
tls_cert="/etc/default/lora-certs/lora-app-server/api/server/lora-app-server-api-server.pem"
tls key used by the api server (optional)
tls_key="/etc/lora-app-server/certs/http-key.pem"
tls_key="/etc/default/lora-certs/lora-app-server/api/server/lora-app-server-api-server-key.pem"
Does anyone know why ?
Thanks in advance,
Franck