How to add the 2.4.0 uCentral device to the TIP CloudSDK?

Refer to the previous topic.

We have a TIP 2.4.0 uCentral AP now. Let’s continue adding the AP to the uCentral CloudSDK.

Please contact support@edge-core.com and tell us your device model, serial number, and MAC address.

About CloudURL, please tell us if you want to add the TIP OpenWiFi AP to the ecCloud service, or do you have a local uCentral Gateway with its own DNS.

Refer to TIP Confluence.

Take my ECW5211-L(T-US) as an example.
The device MAC=34:EF:B6:28:E4:E8

eth0      Link encap:Ethernet  HWaddr 34:EF:B6:28:E4:E8
          inet addr:10.28.224.60  Bcast:10.28.255.255  Mask:255.255.224.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6155434 errors:0 dropped:113836 overruns:0 frame:0
          TX packets:6276 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1540873943 (1.4 GiB)  TX bytes:1425209 (1.3 MiB)

We have a uCentral CloudSDK installed in our lab with URL= staging-ucentralgw.ignitenet.com

Edgecore TIP Support Team will reply to your email with DigiCert Certificate.

accton_support@dev8:~$ cd EdgeCore_wlan-pki-cert-scripts/
accton_support@dev8:~/EdgeCore_wlan-pki-cert-scripts$ ./generate-ap-certs-20.sh EdgeCore 34:EF:B6:28:E4:E8 staging-ucentralgw.ignitenet.com

image
This is the certificates.
SCP the files to AP, under /etc/ucentral.


Run the command /etc/init.d/firstcontact reload

root@34efb628e4e8:/etc/ucentral# /etc/init.d/firstcontact reload
Command failed: Not found
Command failed: Not found
Command failed: Not found
Command failed: Not found
Command failed: Not found
Command failed: Not found
Command failed: Not found
Command failed: Not found
Command failed: Not found
Command failed: Not found
Command failed: Not found
Command failed: Not found
udhcpc: started, v1.33.1
udhcpc: sending discover
udhcpc: no lease, failing

These are the normal messages. It’s alright.

Verify that /etc/config-shadow/ucentral contains the CloudURL set while creating the certificates.

image

To verify whether the cloud has responded to the AP: logread | grep ucentral

  1. If successful, it would show: “daemon.info ucentral: running health task
  2. If unsuccessful, it would show: “daemon.info ucentral: connection not successful”

To verify whether the ucentral is working: service ucentral status

root@34efb628e4e8:/etc/config-shadow# service ucentral status
running

The below image shows I had added my AP into the https://staging-ucentralgw.ignitenet.com/#/

Note: I use FireFox, and access to the below addresses to get HTTPS certificate.
https://staging-ucentralgw.ignitenet.com:16001
https://staging-ucentralgw.ignitenet.com:16002
https://staging-ucentralgw.ignitenet.com:16004

Thanks for @peifang 's reference. When TIP AP v1.x is upgraded to TIP AP v2.x, the client just needs to do three things to re-use the existing certificate files.

There is a migration step in TIP document.

Upgrade OpenWiFi 1.x to OpenWiFi 2.x Devices - Open Converged Wireless - Confluence (atlassian.net)

Since the certificate related files are in different names

OpenWiFi 1.0 OpenWiFi 2.0
client.pem cert.pem
client_dec.key key.pem
deviceid.txt dev-id

We need to change the certificate names and locations in order to make it work from 1.x to 2.x.

The DigiCert certificate files created for TIP v.1x can still be used for TIP v.2x. The content format is the same. Just different files name are used.

  1. Rename the four certificate files to cas.pem, cert.pem, key.pem, dev-id

  2. Copy the four files to the expected directories – /etc/ucentral and /certificates

  3. Reload the certificates by run
    /etc/init.d/firstcontact reload

  4. If the redirector URL has been changed, it is best to reset the AP to factory default once, so to force the AP to query the redirector URL from DigiCert’s database