Hello, haven’t seen a topic with this specific problem so decided to create one:
I have Tektelic Kona Micro Gateway running with a UDP packet forwarder on my private The Things Stack. I am trying to switch it to Basic Station with CUPS and LNS. I have followed the guide for this specific gateway:
https://www.thethingsindustries.com/docs/gateways/tektelickonamicro/lbs/
As well as the guide on the Tektelic website:
https://support.tektelic.com/portal/en/kb/articles/https-support-tektelic-com-portal-en-kb-articles-basic-station-interface-for-ttnv3
However, the gateway refuses to authenticate and constantly tries to reconnect:
Dec 17 14:30:56 kona-micro tek_bstn[1878]: [DEBUG ] bridge_bstn_cups.c:1002 CUPS request body: { "router": "{ACTUAL_GATEWAY_EUI}", "cupsUri": "https:\/\/{ACTUAL_SERVER}:443", "cupsCredCrc": 3885030636, "tcCredCrc": 4146526812, "station": "Tektelic Kona gateway", "model": "micro", "package": "Tektelic Basic Station", "tcUri": "wss:\/\/{ACTUAL_SERVER}:8887" }
Dec 17 14:30:56 kona-micro tek_bstn[1878]: [DEBUG ] bridge_bstn_cups.c:1012 using CUPS request URI: https://{ACTUAL_SERVER}:443/update-info
Dec 17 14:30:56 kona-micro tek_bstn[1878]: [DEBUG ] bridge_bstn_cups.c:1057 performing CUPS request
Dec 17 14:30:56 kona-micro tek_bstn[1878]: [DEBUG ] bridge_bstn_cups.c:1082 using token for client auth
Dec 17 14:30:56 kona-micro tek_bstn[1878]: [DEBUG ] bridge_bstn_cups.c:1102 constructed auth header: "Authorization: Bearer {ACTUAL_CUPS_API_KEY}"
Dec 17 14:30:57 kona-micro tek_bstn[1878]: [DEBUG ] bridge_bstn_cups.c:1150 CUPS response code: 401
Dec 17 14:30:57 kona-micro tek_bstn[1878]: [WARN ] bridge_bstn_cups.c:1231 CUPS main credentials auth error: trying backup creds instead
Dec 17 14:30:57 kona-micro tek_bstn[1878]: [ERROR ] bridge_bstn_cups.c:890 missing mandatory key file /etc/bstn/cups.bak.key from backup set
Dec 17 14:30:57 kona-micro tek_bstn[1878]: [WARN ] main_bstn.c:162 non-critical error raised: [-2]
Dec 17 14:30:57 kona-micro tek_bstn[1878]: [WARN ] main_bstn.c:163 restarting Basic Station in 20 seconds...
At the server side, I get the following logs:
stack_1 | 2021-12-16T19:52:31.545927630Z DEBUG Run database query {"duration": 0.002, "grpc.method": "GetIdentifiersForEUI", "grpc.service": "ttn.lorawan.v3.GatewayRegistry", "namespace": "db", "query": "SELECT id, created_at, updated_at, deleted_at, gateway_id, gateway_eui FROM \"gateways\" WHERE \"gateways\".\"deleted_at\" IS NULL AND ((gateway_eui = $1)) ORDER BY \"gateways\".\"id\" ASC LIMIT 1", "request_id": "01FQ2CV9HQEFAZ1C8517V3DZ3P", "rows": 1, "source": "gateway_store.go:118", "values": ["{ACTUAL_GW_EUI}"]}
stack_1 | 2021-12-16T19:52:31.546520958Z INFO Finished unary call {"duration": 0.0032, "grpc.method": "GetIdentifiersForEUI", "grpc.service": "ttn.lorawan.v3.GatewayRegistry", "namespace": "grpc", "peer.address": "pipe", "request_id": "01FQ2CV9HQEFAZ1C8517V3DZ3P"}
stack_1 | 2021-12-16T19:52:31.546923979Z DEBUG Found gateway for EUI {"gateway_eui": "{ACTUAL_GW_EUI}", "gateway_uid": "kona-micro-eugene", "http.method": "POST", "http.path": "/update-info", "namespace": "web", "peer.address": "{IP_ADDRESS}:44184", "peer.real_ip": "{IP_ADDRESS}", "request_id": "01FQ2CV9HPZ9APPYC8PJWTKR3R"}
stack_1 | 2021-12-16T19:52:31.549091367Z DEBUG Run database query {"duration": 0.001, "gateway_eui": "{ACTUAL_GW_EUI}", "http.method": "POST", "http.path": "/update-info", "namespace": "db", "peer.address": "{IP_ADDRESS}:44184", "peer.real_ip": "{IP_ADDRESS}", "query": "SELECT * FROM \"api_keys\" WHERE (\"api_keys\".\"api_key_id\" = $1) ORDER BY \"api_keys\".\"id\" ASC LIMIT 1", "request_id": "01FQ2CV9HPZ9APPYC8PJWTKR3R", "rows": 1, "source": "api_key_store.go:117", "values": ["VZ2JQWPEV4ZOSGVAXRED5UOO2SUASXCFBRYMXHI"]}
stack_1 | 2021-12-16T19:52:31.550556811Z DEBUG Run database query {"duration": 0.001, "gateway_eui": "{ACTUAL_GW_EUI}", "http.method": "POST", "http.path": "/update-info", "namespace": "db", "peer.address": "{IP_ADDRESS}:44184", "peer.real_ip": "{IP_ADDRESS}", "query": "SELECT id as uuid, gateway_id as friendly_id FROM \"gateways\" WHERE (id in ($1))", "request_id": "01FQ2CV9HPZ9APPYC8PJWTKR3R", "rows": 1, "source": "membership.go:73", "values": ["04949449-69b2-4023-b442-7a9498fffc5e"]}
stack_1 | 2021-12-16T19:52:31.554131905Z DEBUG Run database query {"duration": 0.001, "gateway_eui": "{ACTUAL_GW_EUI}", "http.method": "POST", "http.path": "/update-info", "namespace": "db", "peer.address": "{IP_ADDRESS}:44184", "peer.real_ip": "{IP_ADDRESS}", "query": "SELECT id, created_at, updated_at, deleted_at, gateway_id, gateway_eui, status_public, location_public FROM \"gateways\" WHERE \"gateways\".\"deleted_at\" IS NULL AND ((gateway_id = $1)) ORDER BY \"gateways\".\"id\" ASC LIMIT 1", "request_id": "01FQ2CV9HPZ9APPYC8PJWTKR3R", "rows": 1, "source": "gateway_store.go:118", "values": ["kona-micro-eugene"]}
stack_1 | 2021-12-16T19:52:31.554905184Z INFO Client error {"auth.token_id": "VZ2JQWPEV4ZOSGVAXRED5UOO2SUASXCFBRYMXHI", "auth.token_type": "APIKey", "duration": 0.0119, "error": "error:pkg/basicstation/cups:unauthenticated (call was not authenticated)", "http.method": "POST", "http.path": "/update-info", "http.status": 401, "namespace": "web", "peer.address": "{IP_ADDRESS}:44184", "peer.real_ip": "{IP_ADDRESS}", "request_id": "01FQ2CV9HPZ9APPYC8PJWTKR3R"}
I do not understand why the API key is not authenticated, since I have another gateway on the same network (Laird Sentrius) setup for Basic Station with the same certificate and URI, the only difference being of course different API keys, and it works without a problem. I have set up both CUPS and LNS API keys used by the Tektelic Kona Micro in the Gateway section:
So my problem is essentially getting Basic Station to work on the Tektelic gateway - it gives me the “401 - call was not authenticated” error even though I have set the API key for this gateway.
Any help much appreciated, thanks.