When a shipment file is imported, the key and secret in the shipment file will be set as the active
PSK.
Also, a new PSK will be generated and set to status READY.
To test this flow locally:
- If you have previously run the crest device service with the
test-dataprofile, and you wish to test this new flow, delete the database container to clear the existing data, then run the service without thetest-dataprofile. - Set
crest-device-service.psk.change-initial-psktotrue. - Run the crest device service, the shipment file processor and maki connect light.
- Upload the
test_shipment_file.jsonfile to the shipment file processor. - There should be an active and a ready psk in the database.
- Run the coap-http proxy.
- Run the simulator.
- When the crest device service receives a message from the device (simulator), a psk set command will be sent in the downlink response to the device (simulator). The new key will be set to pending.
- When the crest device service receives a success result code in the subsequent message from the device (simulator), the pending key will be set to active and the old key will become inactive.
- When the crest device service receives a failure result code in the subsequent message from the device (simulator), the pending key will be set to invalid.
Communication between the COAP HTTP Proxy and the Crest device service should be encrypted using mutual TLS.
The repositories contain test certificates that can be used for local testing. (they are not included in the jar or docker image) They can be also be (re)generated using the generate_certificates.sh script.