DeviceOn
  • Get Started
    • ⬇️Resources Download
    • 💡About DeviceOn
      • Feature Highlight
      • Cloud Versions
      • Agent Versions
      • Security Architecture
    • 🛠️Installation and Deployment
      • Server (Standard)
        • Windows
        • Ubuntu
        • Azure Marketplace
        • AWS Marketplace
      • Server (Enterprise)
        • Azure Kubernetes
      • Agent
        • Windows
        • Ubuntu
    • ⏲️Version History
      • Version 5.3.12
      • Version 5.2.4
      • Version 5.1.2
      • Version 5.0.3
      • Version 4.7.2
      • Version 4.6.3
      • Version 4.5.5
      • Version 4.4.2
      • Version 4.3.10
      • Version 4.3.3
      • Version 4.2.3
    • ❓FAQ
      • General
      • Technical
  • SECURITY STANDARD
    • ISA/IEC 62443
    • Compliance
  • User Interface & Functions
    • 💻Server (Standalone)
      • Server Management Tools
      • Background Service
  • 🖥️Agent
    • User Interface
    • Background Services
  • 🏠Web User Interface
    • Overview
    • Device Management
      • Device List
      • Real-time Monitoring & Rule Engine
      • Remote Control & Diagnostic
      • Device Data
      • Device Group
      • Task Management (Batch Control)
      • Provision & Configuration
      • Anomaly Detection
    • App Management (OTA)
    • Container Management
    • System Setting
    • Dashboard
    • Event Logs
    • Account Management
  • LAB
    • 📦Application (OTA)
      • Package and Deploy your Application
      • Security Update for Windows
      • Upgrade DeviceOn Agent in On-premises DeviceOn Server
  • 🔧Out-of-Band
    • Intel AMT
      • Local Management (iAMT)
      • Cross-Network Integration (Open AMT)
    • IPMI
    • AMD DASH
    • Advantech iBMC
    • Advantech EdgeBMC
  • 🌐System
    • Update DeviceOn Server to the Latest Version
    • Enabling Automated Backups and Restores from Backup Archives
    • Enable Passive Mode on FTP Server
    • Enable HTTPs for DeviceOn Web Service
    • License Management
  • ⚒️Managed Devices
    • Set up Device Thresholds and Enable Trigger Notifications
    • Set up the Application Watchdog and Enable Trigger Notifications
    • Visualize Device Data through Grafana Dashboards
    • Onboard Multiple Devices at Once
    • Securely Connect to DeviceOn using x.509 Certificates
    • Enable Windows Lockdown Features
Powered by GitBook
On this page
  • Prerequisite
  • Steps to Generate the Credential Files
  • Steps to Download the Credential Files from DeviceOn Server
  • Steps to Configure the Setting of DeviceOn Agent

Was this helpful?

  1. Managed Devices

Securely Connect to DeviceOn using x.509 Certificates

PreviousOnboard Multiple Devices at OnceNextEnable Windows Lockdown Features

Last updated 1 year ago

Was this helpful?

This section tries to teach you how to connect DeviceOn server through x509. There are two topics we will cover through this document. The first part will show you how to get the credential files from DeviceOn server. Another part will show you how to configure WISE-Agent and make it connect DeviceOn sever through x509.

Prerequisite

Your operation system should install the following software.

  • DeviceOn Server that is greater than version 4.4.2

  • WISEAgent

  • OpenSSL

Steps to Generate the Credential Files

In this session, you will learn how to create a private key file with OpenSSL command line tools. You can upload the created private key file to DeviceOn server and then download the zip file from server. To understand this SOP, you should have the knowledge of the following topics:

  • Generate the private key file with OpenSSL command line tool.

  • Get the credential files from DeviceOn server.

  • Step 1: Press Win+X to open the Command Prompt.

  • Step 2: Navigate to the OpenSSL bin directory.

  • Step 3: Enter the following command to generate a private key:

    openssl.exe genrsa –out private_key.pem 2048
  • Step 4: Once complete, you will find the name private_key.pem that under the directory.

Steps to Download the Credential Files from DeviceOn Server

  • Step 1: Sign in to the DeviceOn server portal.

  • Step 2: From the menu on the left, under Settings, select System.

  • Step 3: On the right panel, extend Certificate, select Upload and browser the private key file that you created before.

  • Step 4: If anything well, you should get a zip file named Certificate-xxxx-xx-xx.zip.

  • Step 5: Extract the zip file. There are two files in the zip. One is the client credential files named certificate.pem and another is the root certificate ca.pem.

Steps to Configure the Setting of DeviceOn Agent

In this session, you will learn how to configure the DeviceOn Agent and make it connect DeviceOn server through the credential files that generated previously. To understand this SOP, you should have the knowledge of the following topics: Where the agent’s configuration file is. Adjust the agent’s settings for connecting DeviceOn server through x509.

  • Step 1: Open the agent_config.xml that existed in the installation folder of DeviceOn Agent.

  • Step 2: Copy the credential files to a folder outside the DeviceOn Agent installation path. They should contain three files. Just like the following picture

  • Step 3: Open agent_config.xml with your familiar editor. There are four tags which you should adjust. They are TLSType, CAFile, CertFile and KeyFles.

  • Step 4: Configure the TLSType, CAFile, CertFile and KeyFile as below.

    • TLSType to 1.

    • CAFile to <Credential Path>\ca.pem

    • CertFile to <Credential Path>\certificate.pem

    • KeyFile to <Credential Path>\Private_Key.key

  • Step 5: Save agent_config.xml and reconnect to server. If anything goes well, the WISE-Agent should show connected.

⚒️