Manual Provisioning
Follow these steps to do a manual device provisioning:
- Generate the device certificate (eg using openssl) and sign it with your CA.
- Log in to Azure Portal, Go to Azure Iot Hub and create a new device
- Select the proper authentication type, e.g. X.509 Self-signed or X.509 CA Signed
- Copy the device certificate (cert file and key file) to the device to
/data/var/certificate
- Restart cloud connector service or container.
Create a device in Azure IoT Hub
For the device to be connectable, it needs to be known to the cloud service first. In these steps, we will create a new device identity by using Azure IoT Hub.
Pre-Requisites:
-
Virtual device must already be started with
runqemu ...
orleda
Note: For Raspberry Pi, please follow the manual steps below and adapt the SSH connection options to the IP of your Raspbery Pi.
-
The virtual device needs to be remotely accessible via ssh port
2222
on the host’slocalhost
(Qemu port forwarding in userspace) or via ssh port22
on the IP address192.168.7.2
(Qemu virtual networking using TAP network interface) -
The container runtime needs to have started successfully, check with
sdv-health
-
A Device has been created in Azure IoT Hub
Note: Do NOT create an “edge” device.
Configure authentication on device
For the proper device authentication, the device management backend authority needs to issue a device-specific certificate and sign it. This is a complex process and subject to the specific situation.
For the Leda quickstart images, the software configuration is prepared with dummy certificates which need to be replaced.
ATTENTION: The Leda example device certificates are public and insecure, they only serve demonstration purposes. You need to replace the intermediate certificates and device certificates with your own.
- Generate a device certificate using openssl
- Sign it with your intermediate CA certificate
- Put it into
/data/var/certificate/
- Restart the cloud connector service or container:
systemctl restart cloud-connector
orkanto-cm stop -n cloudconnector --force; kanto-cm start -n cloudconnector
When finished, continue with
Private container registries
Please refer to the Container Registries on how to configure private container registries.
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.