CANedge2 Docs, Release FW 01.04.02
4. Generate a new Server Certificate Bundle without the soon-to-expire certificate and repeat step 2
and 3.
Warning: Above sequence assumes that both certificates are valid during the process.
Change to another S3 endpoint
1. Generate a Server Certificate Bundle (certs_server.p7b) with the current and new certificate(s)
2. Upload the Server Certificate Bundle to both the current and new S3 servers
3. Wait for the device file to show that both certificates have been loaded
4. Upload the new configuration file to both the current server with the updated server information
(pointen to the new server)
5. Wait for the device to connect to the new server (monitor either if the configuration file or device.
json is uploaded)
6. Generate a Server Certificate Bundle (certs_server.p7b) with only the new certificate(s)
7. Upload the Server Certificate Bundle to new S3 server
8. Wait for the device file to show that only the new bundle has been loaded
0.7.4 Security
This page describes how to create a secure connection between the CANedge and the S3 server.
0.7.4.1 Server security modes
The following describes three Server Security Modes. It is recommended to start using the Low Security
Mode and migrate to the Medium Security Mode or High Security Mode before the system goes live.
Medium Security Mode and High Security Mode use HTTPS (Transport Layer Security, TLS v1.2).
Below is an overview of the security modes:
Low Medium High
API credentials X X X
Transport security (TLS) X X
Server identity authentication (TLS) X X
Device identity authentication (TLS) X
Warning: High Security support is pending future firmware update
Low security mode
The security provided by the Low Security Mode is illustrated below:
54 CONTENTS
To Next Page
Loading...