I did it:
I fill the content of:
here :
I didn’t understand this ==>
Important: the CN of the client certificate must match the --as-public-id of the LoRa App Server using the certificate.
and I fill the content of:
here:
I didn’t understand this ==>
Important: the CN of the client certificate must match the --net-id of the LoRa Server instance using the certificate.
Sorry but I need help to debug this certificat part, there is something I did not do well!
I’m starting by debug loraserver:
my loraserver log:
Jun 30 18:48:42 Debian02 systemd[1]: Starting LoRa Server...
Jun 30 18:48:42 Debian02 systemd[1]: Started LoRa Server.
Jun 30 18:48:47 Debian02 loraserver[468]: time="2018-06-30T18:48:47+01:00" level=info msg="starting LoRa Server" band=EU_863_870 docs="https://docs.loraserver.io/" net_id=010203 version=1.0.0
Jun 30 18:48:47 Debian02 loraserver[468]: time="2018-06-30T18:48:47+01:00" level=info msg="setup redis connection pool" url="redis://localhost:6379"
Jun 30 18:48:47 Debian02 loraserver[468]: time="2018-06-30T18:48:47+01:00" level=info msg="connecting to postgresql"
Jun 30 18:48:47 Debian02 loraserver[468]: time="2018-06-30T18:48:47+01:00" level=error msg="ping database error, will retry in 2s: dial tcp [::1]:5432: connect: connection refused"
Jun 30 18:48:49 Debian02 loraserver[468]: time="2018-06-30T18:48:49+01:00" level=error msg="ping database error, will retry in 2s: dial tcp [::1]:5432: connect: connection refused"
Jun 30 18:48:51 Debian02 loraserver[468]: time="2018-06-30T18:48:51+01:00" level=error msg="ping database error, will retry in 2s: dial tcp [::1]:5432: connect: connection refused"
Jun 30 18:48:54 Debian02 loraserver[468]: time="2018-06-30T18:48:54+01:00" level=info msg="backend/gateway: TLS config is empty"
Jun 30 18:48:54 Debian02 loraserver[468]: time="2018-06-30T18:48:54+01:00" level=info msg="backend/gateway: connecting to mqtt broker" server="tcp://localhost:1883"
Jun 30 18:48:54 Debian02 loraserver[468]: time="2018-06-30T18:48:54+01:00" level=error msg="backend/gateway: connecting to mqtt broker failed, will retry in 2s: Network Error : dial tcp [::1]:1883: connect: connection refused"
Jun 30 18:48:56 Debian02 loraserver[468]: time="2018-06-30T18:48:56+01:00" level=error msg="backend/gateway: connecting to mqtt broker failed, will retry in 2s: Network Error : dial tcp [::1]:1883: connect: connection refused"
Jun 30 18:48:58 Debian02 loraserver[468]: time="2018-06-30T18:48:58+01:00" level=error msg="backend/gateway: connecting to mqtt broker failed, will retry in 2s: Network Error : dial tcp [::1]:1883: connect: connection refused"
Jun 30 18:49:00 Debian02 loraserver[468]: time="2018-06-30T18:49:00+01:00" level=error msg="backend/gateway: connecting to mqtt broker failed, will retry in 2s: Network Error : dial tcp [::1]:1883: connect: connection refused"
Jun 30 18:49:02 Debian02 loraserver[468]: time="2018-06-30T18:49:02+01:00" level=error msg="backend/gateway: connecting to mqtt broker failed, will retry in 2s: Network Error : dial tcp [::1]:1883: connect: connection refused"
Jun 30 18:49:04 Debian02 loraserver[468]: time="2018-06-30T18:49:04+01:00" level=error msg="backend/gateway: connecting to mqtt broker failed, will retry in 2s: Network Error : dial tcp [::1]:1883: connect: connection refused"
Jun 30 18:49:06 Debian02 loraserver[468]: time="2018-06-30T18:49:06+01:00" level=error msg="backend/gateway: connecting to mqtt broker failed, will retry in 2s: Network Error : dial tcp [::1]:1883: connect: connection refused"
Jun 30 18:49:08 Debian02 loraserver[468]: time="2018-06-30T18:49:08+01:00" level=error msg="backend/gateway: connecting to mqtt broker failed, will retry in 2s: Network Error : dial tcp [::1]:1883: connect: connection refused"
Jun 30 18:49:10 Debian02 loraserver[468]: time="2018-06-30T18:49:10+01:00" level=error msg="backend/gateway: connecting to mqtt broker failed, will retry in 2s: Network Error : dial tcp [::1]:1883: connect: connection refused"
Jun 30 18:49:12 Debian02 loraserver[468]: time="2018-06-30T18:49:12+01:00" level=error msg="backend/gateway: connecting to mqtt broker failed, will retry in 2s: Network Error : dial tcp [::1]:1883: connect: connection refused"
Jun 30 18:49:14 Debian02 loraserver[468]: time="2018-06-30T18:49:14+01:00" level=error msg="backend/gateway: connecting to mqtt broker failed, will retry in 2s: Network Error : dial tcp [::1]:1883: connect: connection refused"
Jun 30 18:49:16 Debian02 loraserver[468]: time="2018-06-30T18:49:16+01:00" level=error msg="backend/gateway: connecting to mqtt broker failed, will retry in 2s: Network Error : dial tcp [::1]:1883: connect: connection refused"
Jun 30 18:49:18 Debian02 loraserver[468]: time="2018-06-30T18:49:18+01:00" level=error msg="backend/gateway: connecting to mqtt broker failed, will retry in 2s: Network Error : dial tcp [::1]:1883: connect: connection refused"
Jun 30 18:49:20 Debian02 loraserver[468]: time="2018-06-30T18:49:20+01:00" level=error msg="backend/gateway: connecting to mqtt broker failed, will retry in 2s: Network Error : dial tcp [::1]:1883: connect: connection refused"
Jun 30 18:49:22 Debian02 loraserver[468]: time="2018-06-30T18:49:22+01:00" level=error msg="backend/gateway: connecting to mqtt broker failed, will retry in 2s: Network Error : dial tcp [::1]:1883: connect: connection refused"
Jun 30 18:49:24 Debian02 loraserver[468]: time="2018-06-30T18:49:24+01:00" level=error msg="backend/gateway: connecting to mqtt broker failed, will retry in 2s: Network Error : dial tcp [::1]:1883: connect: connection refused"
Jun 30 18:49:26 Debian02 loraserver[468]: time="2018-06-30T18:49:26+01:00" level=error msg="backend/gateway: connecting to mqtt broker failed, will retry in 2s: Network Error : dial tcp [::1]:1883: connect: connection refused"
Jun 30 18:49:28 Debian02 loraserver[468]: time="2018-06-30T18:49:28+01:00" level=info msg="configuring join-server client" ca_cert=/etc/loraserver-certificates/certs/ca/ca.pem server="http://localhost:8003" tls_cert=/etc/loraserver-certi
Jun 30 18:49:28 Debian02 loraserver[468]: time="2018-06-30T18:49:28+01:00" level=info msg="backend/gateway: connected to mqtt server"
Jun 30 18:49:28 Debian02 loraserver[468]: time="2018-06-30T18:49:28+01:00" level=info msg="backend/gateway: subscribing to rx topic" qos=0 topic=gateway/+/rx
Jun 30 18:49:28 Debian02 loraserver[468]: time="2018-06-30T18:49:28+01:00" level=info msg="no network-controller configured"
Jun 30 18:49:28 Debian02 loraserver[468]: time="2018-06-30T18:49:28+01:00" level=info msg="applying database migrations"
Jun 30 18:49:28 Debian02 loraserver[468]: time="2018-06-30T18:49:28+01:00" level=info msg="backend/gateway: subscribing to stats topic" qos=0 topic=gateway/+/stats
Jun 30 18:49:28 Debian02 loraserver[468]: time="2018-06-30T18:49:28+01:00" level=info msg="migrations applied" count=0
Jun 30 18:49:28 Debian02 loraserver[468]: time="2018-06-30T18:49:28+01:00" level=info msg="starting api server" bind="0.0.0.0:8000" ca-cert=/etc/loraserver-certificates/certs/ca/ca.pem tls-cert=/etc/loraserver-certificates/certs/loraserv
Jun 30 18:49:28 Debian02 loraserver[468]: time="2018-06-30T18:49:28+01:00" level=info msg="starting downlink device-queue scheduler"
Jun 30 18:50:09 Debian02 loraserver[468]: time="2018-06-30T18:50:09+01:00" level=warning msg="grpc: Server.Serve failed to complete security handshake from \"[::1]:38242\": tls: first record does not look like a TLS handshake"
Jun 30 18:50:10 Debian02 loraserver[468]: time="2018-06-30T18:50:10+01:00" level=warning msg="grpc: Server.Serve failed to complete security handshake from \"[::1]:38243\": tls: first record does not look like a TLS handshake"
Jun 30 18:50:11 Debian02 loraserver[468]: time="2018-06-30T18:50:11+01:00" level=warning msg="grpc: Server.Serve failed to complete security handshake from \"[::1]:38244\": tls: first record does not look like a TLS handshake"
Jun 30 18:50:14 Debian02 loraserver[468]: time="2018-06-30T18:50:14+01:00" level=warning msg="grpc: Server.Serve failed to complete security handshake from \"[::1]:38245\": tls: first record does not look like a TLS handshake"
Jun 30 18:50:19 Debian02 loraserver[468]: time="2018-06-30T18:50:19+01:00" level=warning msg="grpc: Server.Serve failed to complete security handshake from \"[::1]:38246\": tls: first record does not look like a TLS handshake"
Jun 30 18:50:25 Debian02 loraserver[468]: time="2018-06-30T18:50:25+01:00" level=warning msg="grpc: Server.Serve failed to complete security handshake from \"[::1]:38247\": tls: first record does not look like a TLS handshake"
Jun 30 18:50:35 Debian02 loraserver[468]: time="2018-06-30T18:50:35+01:00" level=warning msg="grpc: Server.Serve failed to complete security handshake from \"[::1]:38248\": tls: first record does not look like a TLS handshake"
Jun 30 18:50:53 Debian02 loraserver[468]: time="2018-06-30T18:50:53+01:00" level=warning msg="grpc: Server.Serve failed to complete security handshake from \"[::1]:38249\": tls: first record does not look like a TLS handshake"
Here the related part of loraserver.toml:
# Network-server API
#
# This is the network-server API that is used by LoRa App Server or other
# custom components interacting with LoRa Server.
[network_server.api]
# ip:port to bind the api server
bind="0.0.0.0:8000"
# ca certificate used by the api server (optional)
ca_cert="/etc/loraserver-certificates/certs/ca/ca.pem"
# tls certificate used by the api server (optional)
tls_cert="/etc/loraserver-certificates/certs/loraserver/api/server/loraserver-api-server.pem"
# tls key used by the api server (optional)
tls_key="/etc/loraserver-certificates/certs/loraserver/api/server/loraserver-api-server-key.pem"
…
and
…
# Default join-server settings.
[join_server.default]
# hostname:port of the default join-server
#
# This API is provided by LoRa App Server.
server="http://localhost:8003"
# ca certificate used by the default join-server client (optional)
ca_cert="/etc/loraserver-certificates/certs/ca/ca.pem"
# tls certificate used by the default join-server client (optional)
tls_cert="/etc/loraserver-certificates/certs/lora-app-server/join-api/client/lora-app-server-join-api-client.pem"
# tls key used by the default join-server client (optional)
tls_key="/etc/loraserver-certificates/certs/lora-app-server/join-api/client/lora-app-server-join-api-client-key.pem"
Sorry it’s long post…