You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: source/installation-guide/installation-guide.rst
+11-4Lines changed: 11 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -100,6 +100,12 @@ Once the path is added run:
100
100
101
101
More docker related troubleshooting can be found at: https://github.com/OS2iot/OS2IoT-docker#troubleshooting-faq
102
102
103
+
Security
104
+
--------
105
+
106
+
OS2IoT only supports tls 1.2+. It is however recommended to only use tls 1.3.
107
+
108
+
103
109
Running in Kubernetes
104
110
---------------------
105
111
@@ -292,9 +298,9 @@ Generate files:
292
298
293
299
4. Create the server key (for the broker) with the command: :code:`openssl genrsa -out server.key 2048`
294
300
295
-
6. Create the server signing request with the command: :code:`openssl req -new -out server.csr -key server.key`. You will be prompted to enter some informations. These values are not important, except one: "Common name". Common name HAS to be the ip/hostname of your broker. The rest of the values should not be exact the same as in step 4.
301
+
5. Create the server signing request with the command: :code:`openssl req -new -out server.csr -key server.key`. You will be prompted to enter some informations. These values are not important, except one: "Common name". Common name HAS to be the ip/hostname of your broker. The rest of the values should not be exact the same as in step 3.
296
302
297
-
7. Create the server certificate (that is signed by the CA) with this command: :code:`openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 360`. You will be prompted to enter the password from step 3.
303
+
6. Create the server certificate (that is signed by the CA) with this command: :code:`openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 360`. You will be prompted to enter the password from step 3.
298
304
299
305
If you want to get docker container with mosquitto running, then follow these steps:
300
306
@@ -304,7 +310,7 @@ If you want to get docker container with mosquitto running, then follow these st
304
310
305
311
3. Copy the files ca.crt and ca.key and place them in OS2IoT-backend/resources.
306
312
307
-
4. Update the :code:`MQTT_BROKER_HOSTNAME` with the ip/hostname that you used for step 4 and 6, and :code:`CA_KEY_PASSWORD` with the password that you entered in step 3 in the docker-compose.yml file placed in OS2IoT-docker.
313
+
4. Update the :code:`MQTT_BROKER_HOSTNAME` with the ip/hostname that you used for step 3 and 5, and :code:`CA_KEY_PASSWORD` with the password that you entered in step 2 in the docker-compose.yml file placed in OS2IoT-docker.
308
314
309
315
If you want to use kubernetes to host mosquitto then you need some futher steps.
310
316
@@ -318,4 +324,5 @@ Prerequisites: kubectl installed and accesible from path
318
324
319
325
4. Update the empty values in OS2IoT-docker/helm/charts/mosquitto-os2iot/values.yaml
320
326
321
-
5. Update the :code:`MQTT_BROKER_HOSTNAME` with the ip/hostname that you used for step 4 and 6 in the steps above, and :code:`CA_KEY_PASSWORD` with the password that you entered in step 3 in the steps above, in the file "OS2IoT-docker/helm/charts/os2iot-backend/deployment.yaml".
327
+
5. Update the :code:`MQTT_BROKER_HOSTNAME` with the ip/hostname that you used for step 3 and 5 in the steps above, and :code:`CA_KEY_PASSWORD` with the password that you entered in step 2 in the steps above, in the file "OS2IoT-docker/helm/charts/os2iot-backend/deployment.yaml".
0 commit comments