Chirpstack 4 MQTT connection error “NULL Parameter” with AWS IoT Core

Guilleojeda · September 30, 2022, 2:43pm

I’m trying to set up ChirpStack v4 on AWS, with the following setup:

AWS Elastic Beanstalk with Application Load Balancer
Docker image of ChirpStack 4.0.2
AWS IoT Core as MQTT Broker

I’m seeing the following error:

> [2mchirpstack::integration::mqtte[0me[2m:e[0m Connecting to MQTT broker e[3mserver_urie[0me[2m=e[0mssl://a1d7kq193xmgsn-ats.iot.us-east-1.amazonaws.com:8883/ e[3mclient_ide[0me[2m=e[0mbe114923d62e3779 e[3mclean_sessione[0me[2m=e[0mfalse
> , stderr: Error: Setup MQTT integration
> 
> Caused by:
>     0: Connect to MQTT broker
>     1: [-6] NULL Parameter

In the chirpstack.toml I have the following relevant parts (redacted the server address):

  enabled_regions=[
    "au915_0"
  ]
...
[integration]
  enabled=["mqtt"]

  [integration.mqtt]
    server="ssl://192ja93jgxmgsn-ats.iot.us-east-1.amazonaws.com:8883/"
    json=true

And in region_au915_0.toml (redacted sensitive data):

    [regions.gateway.backend]

      # The enabled backend type.
      enabled="mqtt"

      # MQTT configuration.
      [regions.gateway.backend.mqtt]

        # Event topic template.
        event_topic="au915_0/gateway/+/event/+"

        # Command topic template.
        command_topic="au915_0/gateway/{{ gateway_id }}/command/{{ command }}"

        # MQTT server (e.g. scheme://host:port where scheme is tcp, ssl or ws)
        server="ssl://192ja93jgxmgsn-ats.iot.us-east-1.amazonaws.com:8883/"

        # Connect with the given username (optional)
        username=""

        # Connect with the given password (optional)
        password=""

        # Quality of service level
        qos=0

        # Clean session
        clean_session=false

        # Client ID
        client_id=""

        # CA certificate file (optional)
        ca_cert="/app/certs/AmazonRootCA3.pem"

        # TLS certificate file (optional)
      tls_cert="/app/certs/320bcdb28e1bd8fc080a71c3b222d24d8f39a929cb4364d97544e74e9e074c7a-certificate.pem.crt"

        # TLS key file (optional)
      tls_key="/app/certs/320bcdb28e1bd8fc080a71c3b222d24d8f39a929cb4364d97544e74e9e074c7a-private.pem.key"

A few days ago someone posted about this same error, but they were not using any CA cert, and their solution was to use a CA cert. I’m already using a CA cert.

Full ChirpStack logs:

stdout: e[2m2022-09-30T14:13:40.533208Ze[0m e[32m INFOe[0m e[2mchirpstack::cmd::roote[0me[2m:e[0m Starting ChirpStack LoRaWAN Network Server e[3mversione[0me[2m=e[0m"4.0.2" e[3mdocse[0me[2m=e[0m"https://www.chirpstack.io/"
e[2m2022-09-30T14:13:40.533239Ze[0m e[32m INFOe[0m e[2mchirpstack::regione[0me[2m:e[0m Setting up regions
e[2m2022-09-30T14:13:40.533266Ze[0m e[32m INFOe[0m e[1msetupe[0me[1m{e[0me[3mcommon_namee[0me[2m=e[0mAU915 e[3mregion_namee[0me[2m=e[0mau915_0e[1m}e[0me[2m:e[0m e[2mchirpstack::regione[0me[2m:e[0m Configuring region
e[2m2022-09-30T14:13:40.533465Ze[0m e[32m INFOe[0m e[2mchirpstack::backend::joinservere[0me[2m:e[0m Setting up Join Server clients
e[2m2022-09-30T14:13:40.533472Ze[0m e[32m INFOe[0m e[2mchirpstack::backend::roaminge[0me[2m:e[0m Setting up roaming clients
e[2m2022-09-30T14:13:40.533479Ze[0m e[32m INFOe[0m e[2mchirpstack::adre[0me[2m:e[0m Setting up adr algorithms
e[2m2022-09-30T14:13:40.533488Ze[0m e[32m INFOe[0m e[2mchirpstack::integratione[0me[2m:e[0m Setting up global integrations
e[2m2022-09-30T14:13:40.533493Ze[0m e[32m INFOe[0m e[2mchirpstack::integration::redise[0me[2m:e[0m Initializing Redis integration
e[2m2022-09-30T14:13:40.533501Ze[0m e[32m INFOe[0m e[2mchirpstack::integration::mqtte[0me[2m:e[0m Initializing MQTT integration
e[2m2022-09-30T14:13:40.537968Ze[0m e[32m INFOe[0m e[2mchirpstack::integration::mqtte[0me[2m:e[0m Connecting to MQTT broker e[3mserver_urie[0me[2m=e[0mssl://192ja93jgxmgsn-ats.iot.us-east-1.amazonaws.com:8883/ e[3mclient_ide[0me[2m=e[0mbe114923d62e3779 e[3mclean_sessione[0me[2m=e[0mfalse
, stderr: Error: Setup MQTT integration

Caused by:
    0: Connect to MQTT broker
    1: [-6] NULL Parameter

I’ve tried changing the CA cert for the other one that AWS IoT Core provides, but I got the same error. I’ve also tried replacing it with an invalid CA cert, and I still got the same error.

Furthermore, in line 153 of this source file (if I understand correctly) there’s a statement that prints Configuring connection with TLS certificate to the standard output, and I’m not seeing that statement. This is under the following if statement:
if !conf.ca_cert.is_empty() || !conf.tls_cert.is_empty() || !conf.tls_key.is_empty()
This missing output, along with the NULL error even when providing an invalid cert, plus the fact that someone else experienced this error when not adding any value for CA cert, TLS cert and TLS key, leads me to think that for some reason the values are not being pulled from the config file.

@brocaar sorry to tag you, but I went through the code several times and I couldn’t find why this might be happening.

Let me know if I skipped any relevant data.

johndyer24 · October 3, 2022, 6:03pm

@Guilleojeda You’ve specified ca_cert, tls_cert, and tls_key under [regions.gateway.backend] in region_au915_0.toml, but what about under [integration.mqtt] in chirpstack.toml? From what I can tell I think those variables have to be specified in both places.

Guilleojeda · October 3, 2022, 7:21pm

@johndyer24 Thanks! I tried that, and now i’m getting the following error:

TCP/TLS connect failure

I tried both with the same certificates that were working with v3 and with new certificates from a new Thing in AWS IoT Core. I also tried converting all to the .pem file extension.

Any idea what might be the issue?

system · January 1, 2023, 7:21pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.