Skip to main content

Build 5 Web application

On the supplied devices, the app can be accesed as follow:

Remotley at https://openport.io/l/36701/Hml13gRqlf8l8006 or locally at http://pledge.local:8082/

Usage

Onboarding Process:

Onboarding

Onboard Button

Initiates the onboarding process for an IoT device, connecting it to a secure network. Start Onboarding: The application begins the onboarding process.

Disconnects from Wi-Fi: If the device is currently connected to any Wi-Fi network, it attempts to disconnect.

If the device is not active on a network, it may show an error but will proceed with the process.

Connects to brski-open Network: The device connects to an open Wi-Fi network named brski-open to discover the registrar.

Finds Registrar: The app looks for the registrar's IP address and port.

Runs BRSKI Commands: It executes the BRSKI (Bootstrapping Remote Secure Key Infrastructures) process, which includes:

Sending a voucher request to the registrar. Signing certificates with the registrar's information. Receives Certificates: The app retrieves signed certificates necessary for secure communication.

Disconnects from brski-open: After obtaining the certificates, the device disconnects from the brski-open network.

Connects to registrar-tls-ca Network: It connects to a secure network named registrar-tls-ca, which uses the obtained certificates for secure EAP-TLS authentication.

Completes Onboarding: The onboarding process is completed, and the device is now securely connected to the registrar-tls-ca network.

Offboarding Process:

Onboarding

Offboard Button

When you want to remove the IoT device from the secure network and delete its network profile, you use this button. Here's the offboarding sequence:

Begins Offboarding: The application starts the offboarding process for the IoT device.

Disconnects from Network: The device is disconnected from the current network (registrar-tls-ca).

Removes Connection Profile: The network connection profile for registrar-tls-ca is deleted from the device, ensuring it no longer automatically connects to this network.

Completes Offboarding: The device is now offboarded, and the secure connection profile is successfully removed.

The same functionality is directly accessible through scripts

For onboarding/offboarding we can run the following commands:

Onboard

sudo ./opt/demo-server/bash-scripts/onboard.sh

Offboard

sudo ./opt/demo-server/bash-scripts/offboard.sh

Build

Download the most recent arm64 debian package release

wget https://github.com/nqminds/nist-brski/releases/download/v0.0.1/brski-demo-app-deb_arm64.deb

Then please follow the installation instructions found in the nist-brski repository.

During installation, a PORT number must be specified for the service.

To publish the demo app locally, please follow the methods below.

  1. Install avahi-deamon
sudo apt install avahi-daemon
  1. Create a new service for the app and add it to /etc/avahi/services/demo-server.service
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
 <name replace-wildcards="yes">%h Demo Server</name>
  <service>
   <type>_demo-server._tcp</type>
   <port>YOUR_CHOSEN_PORT_NUMBER</port>
  </service>
</service-group>

  1. Restart the deamon
sudo service avahi-daemon restart
  1. Advertise the new service
avahi-publish -s demo-server _demo-server._tcp  YOUR_CHOSEN_PORT_NUMBER
  1. Publish using openport
sudo YOUR_CHOSEN_PORT_NUMBER --http-forward --restart-on-reboot --daemonize