Pages1

TLS/SSL communication via MQTT: Generating Certificates using Openssl


Encryption/ Decryption part TLS/SSL communication via MQTT
Generation TLS/SSL related CA and certificates:
1.      Generating server key
openssl genrsa -des3 -out server.key 4096
2.      Generate server signing request
            openssl req -new -key server.key -out server.csr
3.      Genrating certificate authority key
openssl genrsa -des3 -out ca.key 4096
4.      Generating certificate authority
openssl req -new -x509 -days 365 -key ca.key -out ca.crt
5.  Singing server certificate with certificate authority
openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt
Below is the list of final file user should post executing above mentioned steps
Generated files using openssl
-rw-rw-r-- 1 vikram vikram 2065 May 14 18:20 ca.crt        ---  Certificate Authority
-rw-rw-r-- 1 vikram vikram 3311 May 14 18:19 ca.key       ---  CA key
-rw-rw-r-- 1 vikram vikram 1956 May 14 18:21 server.crt   ---- Server Certificate
-rw-rw-r-- 1 vikram vikram 1744 May 14 18:15 server.csr  ---- Server Certificate signing request
-rw-rw-r-- 1 vikram vikram 3311 May 14 18:14 server.key      ---- Server Key


Steps to be taken for user authorization
Generating password file
mosquitto_passwd -c /etc/mosquitto/passwd  username
To append new user
mosquitto_passwd -U /etc/mosquitto/passwd uasername1
Place password file under dir:
/etc/mosquito/passwd/
Configuration Changes need at server end
  mosquitto.conf file ( Changes Needed to start server)
  port 8883
  bind_address vikram-Veriton
  cafile   /home/vikram/check/ca.crt
  certfile /home/vikram/check/server.crt
  keyfile /home/vikram/check/server.key
  tls_version tlsv1
  password_filwe /etc/mosquito/passwd
at No comments:
Labels: ,

Booting Panda Board with UBUNTU

To booting Panda Board with Ubuntu OS. Below is the instruction set to follow
Requirements:
1. Download  binary of UBUNTU OS
2. 8GB SD card
3. UBUNTU machine to facilitates flashing of UBUNTU binary on SDCARD
4. DVI-VGA or HDMI -VGA display cable
5. In case willing to start execution on boot prompt;
      A) USB to serial cable needed.
      B) minicom in UBUNTU PC

Commands to execute to achieve this:
1. Connect SD card with UBUNTU machine
2. Check if it is mounted  use command
    $ df -u
    $ ls -l /dev/sdxx     - x- A,B,C,
                                     x - 0,1,2 etc
----------------------------------------------------------------------------------------------------------


Check the enumerated ports using command “df”, port should be like /dev/sd*1( sda1 may be sdb1, sdb2 , sdc1, sdc2)
Example output should be like below
------------------------------------------------------------------------
vikram@vikram:~/Desktop/omap$ df
Filesystem     1K-blocks     Used Available Use% Mounted on
/dev/sda6      235660072 11186420 212502788   6% /
udev             1991592  1894400     97192  96% /dev
tmpfs             799564      828    798736   1% /run
none                5120        0      5120   0% /run/lock
none             1998908      156   1998752   1% /run/shm
/dev/sda1      241061564   957748 227858560   1% /media/3dc415af-0f2c-4687-9a05-dbe7d0246ec9
/dev/sda1      241061564   957748 227858560   1% /home/vikram/phone
/dev/sdb1        3863040   553708   3309332  15% /media/D0B8-D3A5
------------------------------------------------------------------------------- 

if sdcard partison are mounted; if yes unmount then
 use command
$ umount  /dev/sdxx

3. Write UBUNTU binary on SD card using below command it will a "raw data write"
Go to directory where you kept binary in .gz format and execute  below command:
zcat ./ubuntu-12.04-preinstalled-desktop-armhf+omap4.img.gz |sudo dd bs=4M of=/dev/sdb 

4. run command to sync
    $ sudo sync

5. Takeout card from Ubuntu/LINUX PC and insert in Panda Board SD Card slot, and power up the board.


Looking into Panda Board boot Prompt: 
1.       Install “minicom” in Linux environment 
2.        Connect “DB-9 to USB converter( serial cable) 
A)     DB-9 on Panda Board 
B)      USB on Linux based PC 
C)      Check the enumerated UBS port it should be like /dev/ttyUSB* 
D)     Enumerated port can be check using command 
-          Sudo tail –f /log/syslog 
-          Or using else  “dmesg” command 
3.       Execute Minicom with enumerated port( /dev/ttyUSB*) with baud rate 115200
        Sudo minicom –D /dev/ttyUSB* -b 115200  
You will be able to see Panda board boot prompt in connected Linux machine

at No comments:
Labels: , ,
Subscribe to: Posts (Atom)