User Manual
• Generate the server certificate.
# openssl genrsa -out server.key 4096
# openssl req -new -key server.key -out server.csr -subj /CN=demo.example.com
# openssl ca -days 365 -in server.csr -out server.crt \
-keyfile ca.key -policy policy_anything -batch -notext
NOTE The hostname or IP address must be the same string used in the serving URL. In the example
above, the hostname is demo.example.com.
• Generate the client certificate.
# openssl genrsa -out client.key 4096
# openssl req -new -key client.key -out client.csr -subj /CN=ExampleClient
# openssl ca -days 365 -in client.csr -out client.crt \
-keyfile ca.key -policy policy_anything -batch -notext
# cat client.key client.crt > client.pem
• Format a USB flash drive as a single FAT32 volume.
• Move the client.pem and ca-bundle.crt files onto the flash drive’s root directory.
Debugging ZTP issues
Use the ZTP log feature to debug ZTP issues. While the device is attempting to perform ZTP operations,
log information is written to /tmp/ztp.log on the device.
The following is an example of the log file from a successful ZTP run.
# cat /tmp/ztp.log
Wed Dec 13 22:22:17 UTC 2017 [5127 notice] odhcp6c.eth0: restoring config via
DHCP
Wed Dec 13 22:22:17 UTC 2017 [5127 notice] odhcp6c.eth0: waiting 10s for network
to settle
Wed Dec 13 22:22:27 UTC 2017 [5127 notice] odhcp6c.eth0: NTP skipped: no server
Wed Dec 13 22:22:27 UTC 2017 [5127 info] odhcp6c.eth0: vendorspec.1 =
'http://[fd07:2218:1350:44::1]/tftpboot/config.sh'
Wed Dec 13 22:22:27 UTC 2017 [5127 info] odhcp6c.eth0: vendorspec.2 (n/a)
Wed Dec 13 22:22:27 UTC 2017 [5127 info] odhcp6c.eth0: vendorspec.3 (n/a)
Wed Dec 13 22:22:27 UTC 2017 [5127 info] odhcp6c.eth0: vendorspec.4 (n/a)
Wed Dec 13 22:22:27 UTC 2017 [5127 info] odhcp6c.eth0: vendorspec.5 (n/a)
Wed Dec 13 22:22:28 UTC 2017 [5127 info] odhcp6c.eth0: vendorspec.6 (n/a)
Wed Dec 13 22:22:28 UTC 2017 [5127 info] odhcp6c.eth0: no firmware to download
(vendorspec.2)
backup-url: trying http://[fd07:2218:1350:44::1]/tftpboot/config.sh ...
backup-url: forcing wan config mode to DHCP
backup-url: setting hostname to acm7004-0013c601ce97
backup-url: load succeeded
Wed Dec 13 22:22:36 UTC 2017 [5127 notice] odhcp6c.eth0: successful config load
Wed Dec 13 22:22:36 UTC 2017 [5127 info] odhcp6c.eth0: no lighthouse
configuration (vendorspec.3/4/5/6)
Wed Dec 13 22:22:36 UTC 2017 [5127 notice] odhcp6c.eth0: provisioning completed,
not rebooting
Errors are recorded in this log.
3.15 Enrollment into Lighthouse
Use Enrollment into Lighthouse to enroll Opengear devices into a Lighthouse instance, providing
centralized access to console ports, and allowing central configuration of the Opengear devices.
See the Lighthouse User Guide for instructions for enrolling Opengear devices into Lighthouse.
To Next Page
Loading...
Need help?
General
