I am trying to register my IoT device using a generated Service account json credentials. The underlying library is a MQTT (bridge) and google-cloud/iot (nodejs) - this repo (https://github.com/balena-io-examples/google-iot), or this documentation for details.
The service account json is pasted within the ENV
variable GOOGLE_IOT_SERVICE_ACCOUNT_TOKEN
as a single line json formatted.
When it tries to register the device and add it to the registry automatically I am getting the following error:
[Google IoT] Connecting to Google IoT Core ...
[Google IoT] Device ID: id-00000000000000000000000000000000
[Google IoT] Project: google-iot-project-id
[Google IoT] Region: google-iot-region
[Google IoT] Registry: google-iot-registry
[Google IoT] Device with name id-00000000000000000000000000000000 not registered. Attempting to register...
Generating a RSA private key
........................+++++
................................................................................................................................................................................................................+++++
writing new private key to 'rsa-priv.pem'
-----
read EC key
writing EC key
[MQTT] Refreshing jwt token ...
{ host: 'mqtt.googleapis.com',
port: 8883,
clientId:
'projects/google-iot-project-id/locations/google-iot-region/registries/google-iot-registry/devices/id-00000000000000000000000000000000',
username: 'unused',
password:
'generated-password',
protocol: 'mqtts',
secureProtocol: 'TLSv1_2_method',
project: 'google-iot-project-id' }
[MQTT] Opening connection ...
(node:156) UnhandledPromiseRejectionWarning: Error: 7 PERMISSION_DENIED: The signature of device credential in position 0 could not be verified against any registry certificate.
at Object.callErrorFromStatus (/app/node_modules/@grpc/grpc-js/build/src/call.js:31:26)
at Object.onReceiveStatus (/app/node_modules/@grpc/grpc-js/build/src/client.js:179:52)
at Object.onReceiveStatus (/app/node_modules/@grpc/grpc-js/build/src/client-interceptors.js:336:141)
at Object.onReceiveStatus (/app/node_modules/@grpc/grpc-js/build/src/client-interceptors.js:299:181)
at process.nextTick (/app/node_modules/@grpc/grpc-js/build/src/call-stream.js:145:78)
at processTicksAndRejections (internal/process/task_queues.js:79:9)
(node:156) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 1)
(node:156) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
[MQTT] MQTT error { Error: Connection refused: Not authorized
Has anyone faced any issues using NodeJS libraries to register & use Google IoT (Core) cloud service?
Am I doing something wrong? Any help is very appreciated!