Hi,
I’m attempting to test a gateway against the latest Chirpstack server package via Semtech Basic Station.
My bridge configuration file:
# See https://www.chirpstack.io/gateway-bridge/install/config/ for a full
# configuration example and documentation.
# Gateway backend configuration.
[backend]
# Backend type.
#
# Valid options are:
# * semtech_udp
# * basic_station
type="basic_station"
[backend.basic_station]
# ip:port to bind the Websocket listener to.
bind="172.31.40.150:3001"
# TLS certificate and key files.
#
# When set, the websocket listener will use TLS to secure the connections
# between the gateways and ChirpStack Gateway Bridge (optional).
tls_cert="/etc/chirpstack-gateway-bridge/certs/server.crt"
tls_key="/etc/chirpstack-gateway-bridge/certs/server.key"
#tls_cert="/etc/chirpstack-gateway-bridge/certs/cert.pem"
#tls_key="/etc/chirpstack-gateway-bridge/certs/privkey.pem"
#tls_cert=""
#tls_key=""
# TLS CA certificate.
#
# When configured, ChirpStack Gateway Bridge will validate that the client
# certificate of the gateway has been signed by this CA certificate.
#ca_cert="/etc/chirpstack-gateway-bridge/certs/fullchain.pem"
ca_cert="/etc/chirpstack-gateway-bridge/certs/ca.crt"
#ca_cert="/etc/chirpstack-gateway-bridge/certs/fullchain.pem"
#ca_cert=""
# Ping interval.
ping_interval="1m0s"
# Read timeout.
#
# This interval must be greater than the configured ping interval.
read_timeout="1m5s"
# Write timeout.
write_timeout="1s"
# Region.
#
# Please refer to the LoRaWAN Regional Parameters specification
# for the complete list of common region names.
region="AU_915_928"
# Minimal frequency (Hz).
frequency_min=915000000
# Maximum frequency (Hz).
frequency_max=928000000
#Concentrator configuration.
# This section contains the configuration for the SX1301 concentrator chips.
# Example:
[[backend.basic_station.concentrators]]
# Multi-SF channel configuration.
[backend.basic_station.concentrators.multi_sf]
# 916.8, 917.0, 917.2, 917.4, 917.6, 917.8, 918.0, 918.2 - 917.5
# Frequencies (Hz).
frequencies=[
916800000,
917000000,
917200000,
917400000,
917600000,
917800000,
918000000,
918200000,
]
# LoRa STD channel.
[backend.basic_station.concentrators.lora_std]
# Frequency (Hz).
frequency=917500000
# Bandwidth (Hz).
bandwidth=500000
# Spreading factor.
spreading_factor=7
# FSK channel.
# [backend.basic_station.concentrators.fsk]
# Frequency (Hz).
#frequency=868800000
[integration.mqtt.auth.generic]
server="tcp://127.0.0.1:1883"
username="chirpstack_gw"
password="chirpstack_gw"
I have been able to get SBS working fine in unsecured mode - i.e.
tls_cert=""
tls_key=""
ca_cert=""
However, when I try to use certs, I get output like this (note the router_uri is Null)
gatewaybridge@ip-172-31-40-150:~$ /usr/bin/bridge --log-level 5
INFO[0000] starting ChirpStack Gateway Bridge docs=“https://www.chirpstack.io/gateway-bridge/” version=3.6.0
INFO[0000] filters: NetID filter configured net_id=000000
INFO[0000] filters: JoinEUI range configured join_eui_from=0000000000000000 join_eui_to=ffffffffffffffff
INFO[0000] backend/basicstation: starting websocket listener bind=“172.31.40.150:3001” ca_cert=/etc/chirpstack-gateway-bridge/certs/ca.crt tls_cert=/etc/chirpstack-gateway-bridge/certs/server.crt tls_key=/etc/chirpstack-gateway-bridge/certs/server.key
INFO[0000] integration/mqtt: connected to mqtt broker
2020/01/16 16:02:56 http: TLS handshake error from 12.219.245.220:59758: EOF
INFO[0012] backend/basicstation: router-info request received gateway_id=c0ee40fffe2963d1 remote_addr=“12.219.245.220:59762” router_uri=
I originally tried using my Let’s Encrypt certs - copied to a directory and with permissions so the “gatewaybridge” user can access them.
This didn’t work - so as a last resort, I created a set of self-signed certs and tried those.
Same result - the router_uri is always null - which causes the SBS packet forwarder on the gateway to complain and restart.
Increasing the log level of the bridge didn’t help.
Note - since I couldn’t figure out how to keep the bridge from respawning after I killed it off, I copied it to /usr/bin/bridge and then chmod’d the original to -X to keep it from respawning automatically.
That allowed me to run the copy of the bridge binary manually.
Any help is appreciated.
thanks!
Jim