|
|
|
Secure Provisioning is the first contact from qbert to figure out how the unit should be provisioned.
|
|
|
|
|
|
|
|
Device uses mDNS to discover one or more services that publish product-provisioner endpoints. The same device exposes an http server responding to the /bzt232hub02-provisioner endpoint.
|
|
|
|
|
|
|
|
Display list of services on device. or select if only one comes up.
|
|
|
|
|
|
|
|
> GET /bzt232hub02-provisioner?deviceId=10101010
|
|
|
|
|
|
|
|
Response:
|
|
|
|
```json
|
|
|
|
{
|
|
|
|
"product": "bzt232hub02",
|
|
|
|
"software": "rsync://ntn-mstevens-01.ntn.com:59144/site/BTUpdates",
|
|
|
|
"content": "rsync://ntn-mstevens-01.ntn.com:59144/site/BTContent",
|
|
|
|
"software-cache": "rsync://ntn-mstevens-01.ntn.com:59144/tablet/software",
|
|
|
|
"content-cache": "rsync://ntn-mstevens-01.ntn.com:59144/tablet/content",
|
|
|
|
"certificates": "rsync://ntn-mstevens-01.ntn.com:59144/site/CACerts",
|
|
|
|
"user": "git",
|
|
|
|
"password": "git",
|
|
|
|
"secrets": [
|
|
|
|
{"key": "jwt", "secret": "secret_value" },
|
|
|
|
{"key": "platform", "secret": "{....}" },
|
|
|
|
]
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
Upon receiving the above data:
|
|
|
|
|
|
|
|
Data | Disposition
|
|
|
|
--- | ---
|
|
|
|
certificates | certificates here are installed into the User CA Certs and registered by sha256
|
|
|
|
secrets | secrets are stored securely in the LockboxProvider until they can be transferred into BTSettings
|
|
|
|
software | all files in the folder are copied, to be installed according to the software manifest
|
|
|
|
content | all files are copied. When the content manifest is retrieved, the content is integrated into the MediaContentProvider
|
|
|
|
software-cache | files are copied into http software folder and organized for tablet software downloads
|
|
|
|
content-cache | files are copied into http content folder and organized for tablet content downloads |
|
|
|
\ No newline at end of file |
