9.5. CLI Provisioning

9.5.1. Generating keys and certificates

For generating keys and certificates, following scripts generates using openssl.

  • GenerateAWSCredentials.py

  • GenerateAZURECredentials.py

  • GenerateGCPCredentials.py

  • GenerateIBMCredentials.py

The generated keys and certificates shall be available in pycli/Provisioning/gcp, pycli/Provisioning/ibm, pycli/Provisioning/azure and pycli/Provisioning/aws directories.

9.5.2. Provisioning for the demo

Generated keys and certificates are used to provision the secure element using ResetAndUpdate_GCP.py, ResetAndUpdate_IBM.py, ResetAndUpdate_AZURE.py and ResetAndUpdate_AWS.py scripts for gcp, ibm, azure and aws cloud demo respectively.

Note

Default auth type in provisoning script is always None

9.5.3. Steps to provision your device for demo on Windows

Provisioning on windows can be done in two ways.

  • Using precompiled binaries

  • Using python scripts

9.5.3.1. Using precompiled binaries

Precompiled binaries available in binaries/PCWindows/ssscli directory. Can generate certificates and provision the secure element by simply running these binaries.

  1. For GCP, create certificate and provision, call:

    Provision_GCP.exe <COM_PORT>
    
  2. For IBM, create certificate and provision, call:

    Provision_IBM.exe <COM_PORT>
    
  3. For AWS, create certificate and provision, call:

    Provision_AWS.exe <COM_PORT>
    
  4. For AZURE, create certificate and provision, call:

    Provision_AZURE.exe <COM_PORT>
    

The generated keys and certificates shall be available in binaries/PCWindows/ssscli/gcp, binaries/PCWindows/ssscli/ibm, binaries/PCWindows/ssscli/aws and binaries/PCWindows/ssscli/azure directories.

9.5.3.2. Using Python scripts

  1. Complete Section 9.3 Steps needed before running ssscli tool

  2. from pycli directory, run:

    call venv\Scripts\activate.bat
    cd Provisioning
    
  3. Check the vcom port number

  4. For GCP, create certificate and provision, call:

    python GenerateGCPCredentials.py <COM_PORT>
    python ResetAndUpdate_GCP.py <COM_PORT>
    
  5. For IBM, create certificate and provision, call:

    python GenerateIBMCredentials.py <COM_PORT>
    python ResetAndUpdate_IBM.py <COM_PORT>
    
  6. For AWS, create certificate and provision, call:

    python GenerateAWSCredentials.py <COM_PORT>
    python verification_certificate.py <interCA_Certificate> <interCA_Keypair> <verification_code>
    python ResetAndUpdate_AWS.py <COM_PORT>
    
  7. For AZURE, create certificate and provision, call:

    python GenerateAZURECredentials.py <COM_PORT>
    python verification_certificate.py <interCA_Certificate> <interCA_Keypair> <verification_code>
    python ResetAndUpdate_AZURE.py <COM_PORT>
    
  8. Flash the demo on to the board

9.5.4. Steps to provision your device for demo on iMX or Raspberry Pi

  1. Complete Section 9.3 Steps needed before running ssscli tool

  2. from pycli directory, run:

    cd Provisioning
    
  3. For GCP, create certificate and provision, call:

    python3 GenerateGCPCredentials.py
    python3 ResetAndUpdate_GCP.py
    
  4. For IBM, create certificate and provision, call:

    python3 GenerateIBMCredentials.py
    python3 ResetAndUpdate_IBM.py
    
  5. For AWS, create certificate and provision, call:

    python3 GenerateAWSCredentials.py
    python3 verification_certificate.py <interCA_Certificate> <interCA_Keypair> <verification_code>
    python3 ResetAndUpdate_AWS.py
    
  6. For AZURE, create certificate and provision, call:

    python3 GenerateAZURECredentials.py
    python3 verification_certificate.py <interCA_Certificate> <interCA_Keypair> <verification_code>
    python3 ResetAndUpdate_AZURE.py
    
  7. Flash the demo on to the board