diff options
| -rw-r--r-- | README.adoc | 12 | 
1 files changed, 7 insertions, 5 deletions
| diff --git a/README.adoc b/README.adoc index a2b0e3d..03a588a 100644 --- a/README.adoc +++ b/README.adoc | |||
| @@ -200,14 +200,16 @@ oe-selftest --run-tests updater | |||
| 200 | For more information about oe-selftest, including details about how to run individual test modules or classes, please refer to the https://wiki.yoctoproject.org/wiki/Oe-selftest[Yocto Project wiki]. | 200 | For more information about oe-selftest, including details about how to run individual test modules or classes, please refer to the https://wiki.yoctoproject.org/wiki/Oe-selftest[Yocto Project wiki]. | 
| 201 | 201 | ||
| 202 | == Manual provisoning | 202 | == Manual provisoning | 
| 203 | |||
| 203 | As described in <<sota-related-variables-in-localconf,SOTA-related variables in local.conf>> section you can set `SOTA_DEPLOY_CREDENTIALS` to `0` to prevent deploying credentials to the built `wic` image. In this case you get a generic image that you can use e.g. on a production line to flash a series of devices. The cost of this approach is that this image is half-baked and should be provisioned before it can connect to the backend. | 204 | As described in <<sota-related-variables-in-localconf,SOTA-related variables in local.conf>> section you can set `SOTA_DEPLOY_CREDENTIALS` to `0` to prevent deploying credentials to the built `wic` image. In this case you get a generic image that you can use e.g. on a production line to flash a series of devices. The cost of this approach is that this image is half-baked and should be provisioned before it can connect to the backend. | 
| 204 | 205 | ||
| 205 | Provisioning procedure depends on your provisioning recipe, i.e. the value of `SOTA_CLIENT_PROV` (equal to `aktualizr-auto-prov` by default). | 206 | Provisioning procedure depends on your provisioning recipe, i.e. the value of `SOTA_CLIENT_PROV` (equal to `aktualizr-auto-prov` by default): | 
| 207 | |||
| 206 | * For `aktualizr-auto-prov` put your `credentials.zip` to `/var/sota/sota_provisioning_credentials.zip` on the filesystem of a running device. If you have the filesystem of our device mounted to your build machine, prefix all paths with `/ostree/deploy/poky` as in `/ostree/deploy/poky/var/sota/sota_provisioning_credentials.zip`. | 208 | * For `aktualizr-auto-prov` put your `credentials.zip` to `/var/sota/sota_provisioning_credentials.zip` on the filesystem of a running device. If you have the filesystem of our device mounted to your build machine, prefix all paths with `/ostree/deploy/poky` as in `/ostree/deploy/poky/var/sota/sota_provisioning_credentials.zip`. | 
| 207 | * For `aktualizr-ca-implicit-prov` | 209 | * For `aktualizr-ca-implicit-prov` | 
| 208 | ** put URL to the used backend (together with protocol prefix and port number) to `/var/sota/gateway.url`. If you're using HERE OTA Connect, you can find the URL in `autoprov.url` file in your credentials archive. | 210 | ** put URL to the backend server (together with protocol prefix and port number) at `/var/sota/gateway.url`. If you're using HERE OTA Connect, you can find the URL in the `autoprov.url` file in your credentials archive. | 
| 209 | ** put client certificate, private key and root CA certificate (for the *server*, not for the *device*) to `/var/sota/import/client.pem`, `/var/sota/import/pkey.pem` and `/var/sota/import/root.crt` respectively. | 211 | ** put client certificate, private key and root CA certificate (for the *server*, not for the *device*) at `/var/sota/import/client.pem`, `/var/sota/import/pkey.pem` and `/var/sota/import/root.crt` respectively. | 
| 210 | * For `aktualizr-hsm-prov` | 212 | * For `aktualizr-hsm-prov` | 
| 211 | ** put URL to the used backend (together with protocol prefix and port number) to `/var/sota/gateway.url`. If you're using HERE OTA Connect, you can find the URL in `autoprov.url` file in your credentials archive. | 213 | ** put URL to the server backend (together with protocol prefix and port number) at `/var/sota/gateway.url`. If you're using HERE OTA Connect, you can find the URL in the `autoprov.url` file in your credentials archive. | 
| 212 | ** put root CA certificate (for the *server*, not for the *device*) to `/var/sota/import/root.crt`. | 214 | ** put root CA certificate (for the *server*, not for the *device*) at `/var/sota/import/root.crt`. | 
| 213 | ** put client certificate and private key to slots 1 and 2 of the PKCS#11-compatible device. | 215 | ** put client certificate and private key to slots 1 and 2 of the PKCS#11-compatible device. | 
