I’m trying to set up ChirpStack v4 on AWS, with the following setup:
- AWS Elastic Beanstalk with Application Load Balancer
- Docker image of ChirpStack 4.0.2
- AWS IoT Core as MQTT Broker
I’m seeing the following error:
> [2mchirpstack::integration::mqtte[0me[2m:e[0m Connecting to MQTT broker e[3mserver_urie[0me[2m=e[0mssl://a1d7kq193xmgsn-ats.iot.us-east-1.amazonaws.com:8883/ e[3mclient_ide[0me[2m=e[0mbe114923d62e3779 e[3mclean_sessione[0me[2m=e[0mfalse
> , stderr: Error: Setup MQTT integration
>
> Caused by:
> 0: Connect to MQTT broker
> 1: [-6] NULL Parameter
In the chirpstack.toml I have the following relevant parts (redacted the server address):
enabled_regions=[
"au915_0"
]
...
[integration]
enabled=["mqtt"]
[integration.mqtt]
server="ssl://192ja93jgxmgsn-ats.iot.us-east-1.amazonaws.com:8883/"
json=true
And in region_au915_0.toml (redacted sensitive data):
[regions.gateway.backend]
# The enabled backend type.
enabled="mqtt"
# MQTT configuration.
[regions.gateway.backend.mqtt]
# Event topic template.
event_topic="au915_0/gateway/+/event/+"
# Command topic template.
command_topic="au915_0/gateway/{{ gateway_id }}/command/{{ command }}"
# MQTT server (e.g. scheme://host:port where scheme is tcp, ssl or ws)
server="ssl://192ja93jgxmgsn-ats.iot.us-east-1.amazonaws.com:8883/"
# Connect with the given username (optional)
username=""
# Connect with the given password (optional)
password=""
# Quality of service level
qos=0
# Clean session
clean_session=false
# Client ID
client_id=""
# CA certificate file (optional)
ca_cert="/app/certs/AmazonRootCA3.pem"
# TLS certificate file (optional)
tls_cert="/app/certs/320bcdb28e1bd8fc080a71c3b222d24d8f39a929cb4364d97544e74e9e074c7a-certificate.pem.crt"
# TLS key file (optional)
tls_key="/app/certs/320bcdb28e1bd8fc080a71c3b222d24d8f39a929cb4364d97544e74e9e074c7a-private.pem.key"
A few days ago someone posted about this same error, but they were not using any CA cert, and their solution was to use a CA cert. I’m already using a CA cert.
Full ChirpStack logs:
stdout: e[2m2022-09-30T14:13:40.533208Ze[0m e[32m INFOe[0m e[2mchirpstack::cmd::roote[0me[2m:e[0m Starting ChirpStack LoRaWAN Network Server e[3mversione[0me[2m=e[0m"4.0.2" e[3mdocse[0me[2m=e[0m"https://www.chirpstack.io/"
e[2m2022-09-30T14:13:40.533239Ze[0m e[32m INFOe[0m e[2mchirpstack::regione[0me[2m:e[0m Setting up regions
e[2m2022-09-30T14:13:40.533266Ze[0m e[32m INFOe[0m e[1msetupe[0me[1m{e[0me[3mcommon_namee[0me[2m=e[0mAU915 e[3mregion_namee[0me[2m=e[0mau915_0e[1m}e[0me[2m:e[0m e[2mchirpstack::regione[0me[2m:e[0m Configuring region
e[2m2022-09-30T14:13:40.533465Ze[0m e[32m INFOe[0m e[2mchirpstack::backend::joinservere[0me[2m:e[0m Setting up Join Server clients
e[2m2022-09-30T14:13:40.533472Ze[0m e[32m INFOe[0m e[2mchirpstack::backend::roaminge[0me[2m:e[0m Setting up roaming clients
e[2m2022-09-30T14:13:40.533479Ze[0m e[32m INFOe[0m e[2mchirpstack::adre[0me[2m:e[0m Setting up adr algorithms
e[2m2022-09-30T14:13:40.533488Ze[0m e[32m INFOe[0m e[2mchirpstack::integratione[0me[2m:e[0m Setting up global integrations
e[2m2022-09-30T14:13:40.533493Ze[0m e[32m INFOe[0m e[2mchirpstack::integration::redise[0me[2m:e[0m Initializing Redis integration
e[2m2022-09-30T14:13:40.533501Ze[0m e[32m INFOe[0m e[2mchirpstack::integration::mqtte[0me[2m:e[0m Initializing MQTT integration
e[2m2022-09-30T14:13:40.537968Ze[0m e[32m INFOe[0m e[2mchirpstack::integration::mqtte[0me[2m:e[0m Connecting to MQTT broker e[3mserver_urie[0me[2m=e[0mssl://192ja93jgxmgsn-ats.iot.us-east-1.amazonaws.com:8883/ e[3mclient_ide[0me[2m=e[0mbe114923d62e3779 e[3mclean_sessione[0me[2m=e[0mfalse
, stderr: Error: Setup MQTT integration
Caused by:
0: Connect to MQTT broker
1: [-6] NULL Parameter
I’ve tried changing the CA cert for the other one that AWS IoT Core provides, but I got the same error. I’ve also tried replacing it with an invalid CA cert, and I still got the same error.
Furthermore, in line 153 of this source file (if I understand correctly) there’s a statement that prints Configuring connection with TLS certificate
to the standard output, and I’m not seeing that statement. This is under the following if
statement:
if !conf.ca_cert.is_empty() || !conf.tls_cert.is_empty() || !conf.tls_key.is_empty()
This missing output, along with the NULL error even when providing an invalid cert, plus the fact that someone else experienced this error when not adding any value for CA cert, TLS cert and TLS key, leads me to think that for some reason the values are not being pulled from the config file.
@brocaar sorry to tag you, but I went through the code several times and I couldn’t find why this might be happening.
Let me know if I skipped any relevant data.