On Thu, Sep 29, 2016 at 10:48 AM, Heldt-Sheller, Nathan < nathan.heldt-sheller at intel.com> wrote:
> Hi Gregg, > > > > Yes, you should be able to statically provision the .db file (i.e. > provision the device out-of-band/sidechannel, without going through for > example the JustWorks Owner Transfer Method per-se). > > > However, please note that there is more to that than just providing ACLs. > The onboarding process also sets up various values in the /doxm, /pstat and > /cred resources, as well as the /acl resource. So you?ll want to make sure > that the values for those resources are correct if you don?t want to use > the onboarding tool to configure them. The security sample apps (see > below) do it this way, too, by providing pre-configured .db files. See > ?resource/csdk/security/unittest/oic_svr_db_prov.json? for an example of > a .json file for a server device that is already onboarded and ready to run. > > > > To test your setup, the first thing is to make sure your SECURED=1 build > is working. Run the security-enabled unit tests and sample apps. See > ?./resource/csdk/security/README-building-and-running-secure-IoTivity-stack.txt?. > NOTE: I just looked at this README and the success check is unclear. You > should expect to see ?Secure = yes? for the secured resources that are > discovered, and ?Secure = no? for the unsecure resources. You?ll see what > I mean if you follow the README. FYI there is a more ?fully documented? > version of this same info on the IoTivity wiki: https://wiki.iotivity.org/ > security_resource_manager#guidelines_on_building_ > applications_with_security_enabled > > > > The next thing to try is to follow the instructions for modifying the ACL > to include an ACE (Access Control Entry) for your application resource. > See the section ?SVR Database Format Conversion? in the same wiki page > above (there?s not a bookmark currently to that heading; there should be). > > > > That **should** all work as documented, but I haven?t tested in a few > months, so if something is broken/wrong in the wiki, please let me know and > I?ll troubleshoot. > > > Thanks, Nathan, that's about what I thought. Went through it all again and decided I must have screwed up json2cbor. Sure enough, I had built it with the source in extlibs rather than security/tool. :( Thanks for taking a look. Gregg -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.iotivity.org/pipermail/iotivity-dev/attachments/20160929/7925c0e4/attachment.html>
