I am not sure if it is a bug or not. But at the Provisioning configurations I can’t seem to save my assets template. I’ve tried the example given in the guide, and less complex assets templates. It won’t save my assets template and won’t create a new asset when new user is connected.
The provisioning configs are working fine in; appreciate getting the asset template may not be the easiest process and there may have been inaccuracies in the wiki page which I have now updated:
Please let us know if this helps you get it working.
Thanks for updating the wiki made it a lot clearer. But it seems I still have the same issue. I can’t create a new provision or save an existing provision if my assets template has json content. Without content it can create a new one.
If an provision is already created, I can’t edit it and change settings like disabled, ignore expiry date, create restricted user and asset template.
Apologies there was a bug within the provisioning page which I had fixed but not pushed yet; the fix is now pushed so try a manager image newer than this post.
No worries, I can create now new provision with with the assets template containing content. So that part is working. The saving/ editing part seems still not to work for me. But for now I can live with creating it right the first time.
Update
After several different tries it seems that the assets won’t be added.
Saving/editing provisioning configurations works fine for me (the UI doesn’t show any indication which we should change), look in your browser network tab (Ctrl/Cmd+Shift+R) and save should send a PUT request to the backend, if that is failing then look at the manager logs for info.
Also I have confirmed locally using MQTT Box that assets are created; if your’s are not what response do you get on the provisioning response MQTT topic (provisioning/UNIQUE_ID/response)?
Sorry for the delayed response, I do see indeed that it is saved. But as you already said there was no feedback so I thought it did not change.
The creation of an asset is still a “problem”. It won’t create a new assets. The response I get is: {"type":"success","realm":"realm"}
EDIT
I’ve succesfully create one new asset. But if I try to create a new asset with the same autoprovision configuration, the response is the already created asset. I’ve tried changing the name and ID from %UNIQUE_ID% to something random. But it won’t create a new asset.
Second edit
The Unique id is given in the CA cert. Does this mean that for every new device a CA cert should be generated to be able to create new assets through autoprovision?
The %UNIQUE_ID% is used to calculate the asset ID so each client that connects must be unique which does indeed mean a client certificate per client, this is standard X.509 client authentication, it does put a burden on the flashing side but I know companies like espressif offer cert provisioning service which is what one of our clients is using.
There’s lots of ways to go here; we have also put an alternative HMAC authentication mechanism on the backlog for a less secure but easier to rollout alternative but don’t know when we might get to implement this.