Technology Blogs by Members
Explore a vibrant mix of technical expertise, industry insights, and tech buzz in member blogs covering SAP products, technology, and events. Get in the mix!
Showing results for 
Search instead for 
Did you mean: 
Product and Topic Expert
Product and Topic Expert
In the last blog we create a "device" in SAP Cloud Plaform IoT service, pls check also the complete series:

  • Connect a device to the IoT service part 2 (via IoT Gateway Cloud) - (this blog)

Now its time to get data.......

We want connect our real "device" (The TI Sensor Tag) to SAP Cloud Plaform IoT service, as already mentioned i using here an Raspberry PI as my bridge to IoT service.

At the RPI we using "node-RED", which allows us on a graphical way to wiring our "TI Sensor Tag" and something more. For details please refer to the documentation.

How you can install node-RED can be found here.

At "node-RED" we need for our scenario the following "nodes" :



As we know that we connect to IoT service in a secure way by using MQTTS, "node-RED" needs therefore the "device" certificates.

Futhermore the certificates must be in the "PEM" format:

Get the certificates from IoT service

First we will download the certificates from the IoT service cockpit by clicking on the corresponding widget:

We store this "certificate" now on or local machine and extracting the archive.

After this is successfully extracted we got the following three files:


To achieve the requirement that "node-RED" needs here the "PEM" format we must do some steps:

  • Open the file an note down the password

  • Now open the "client.ks" file, i using here the "KeyStore Explorer" tool an enter the password. As result we cann now see our device cert.

  • The next step is now to export the keypair as "p.12" file, enter again the password and define now the password for this:

  • After this is successfully saved we cerate the "PEM" files by typing following openssl commands. For a detail description check pls the documentation. In short we will transform our "p12. file first into a "PEM" file and creating finally two files one with the public cert and one with the private cert:

openssl pkcs12 -in 22112211.p12 -out 22112211.pem
Enter Import Password: <pswd for the newly created p12 file>
MAC verified OK
Enter PEM pass phrase: <new pass phase for the PEM>
Verifying - Enter PEM pass phrase: <new pass phase for the PEM>

Remove the pass phrase from our "PEM" and writing also the public key:
openssl rsa -in 22112211.pem -out 22112211_priv.pem
Enter pass phrase for 22112211.pem: <the pass phrase whcih we´ve defined before>
writing RSA key
<now writing the public key (chain) into an the new pem file>
openssl x509 -in 22112211.pem >>22112211_chain.pem


If we now have a look into these two "PEM" files we can see we have our required certs for "node-RED".

Finally i store now the CA "PEM" file from m IoT service tenant direcly from the browser.

As result we´ve now the three required files for "node-RED" to establish the connection.

Please copy now the files to a directory of your choice at the "Raspberry" and check that the "PI user" is allowed to access these files.

The node-RED modelling

In the MQTT node we must start the for connection to IoT service.

We add a new "MQTT Broker":

Entering the required data and create a new "tls-config":

Specify the path to our "PEM" files on the "RPI":

If we now deploy the flow we can see that our "MQTT" node is successfully connected to IoT service:

Also we see now on the IoT service that we are now connected.


Time to connect our TI Sensortag:

For this we add the "sensorTag" node to our flow and define the required data:

Finally we create two little functions which collect the measueremenst (Air Temperature and Luminosity) from the "TI Sensor Tag" and send the data in the right format to iot service:
if (typeof msg.payload.object !== "undefined" ){

msg.payload = {"measureIds":1, "values":msg.payload.object, "logNodeAddr": "1"};

return msg;

if (typeof msg.payload.lux !== "undefined" ){

msg.payload = {"measureIds":4, "values":msg.payload.lux, "logNodeAddr": "1"};

return msg;

We connect now our nodes and as result we have now this easy and simple flow:


Check what happen in IoT service

If we go back to IoT service and press the "Real-Time Measures" widget we can hopefully see our "live data":

An yeah whoot!......our data is now visible in IoT service ;o)

Please refere for more details to the offical documentation

If we go back to our initial screen we´ve now a working  flow from the device to IoT service via Raspberry PI:

In the next blog i will explain how we can create a device via the API of IoT service.




Labels in this area