检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
LwM2M/CoAP Authentication Introduction LwM2M/CoAP authentication supports both encrypted and non-encrypted access modes. Non-encrypted mode: Devices connect to IoTDA carrying the node ID through port 5683.
HTTPS Access Overview Hypertext Transfer Protocol Secure (HTTPS) is a secure communication protocol based on HTTP and encrypted using SSL. IoTDA supports communication through HTTPS.
IoTDA supports encrypted and non-encrypted access. Port 5684 and CoAP over DTLS are used for encrypted service data exchange and access. Port 5683 and CoAP are used for non-encrypted access. You are advised to use the encrypted access mode for security purposes.
The IoT platform supports encrypted and non-encrypted access. Port 5684 and CoAP over DTLS are used for encrypted service data exchange and access. Port 5683 and CoAP are used for non-encrypted access. For details about LwM2M syntax and APIs, see specifications.
Encrypted mode: Devices connect to IoTDA carrying node ID and secret through port 5684 by the DTLS/DTLS+ channel. You are advised to use the encrypted access mode for security purposes. For details about LwM2M syntax and APIs, see specifications.
For MQTT device connection authentication, carry the client ID, device ID, and encrypted device secret. For details, see Device Connection Authentication.
Obtain the value based on the client ID in Figure 1. password Encrypted password, which is the value of Password in Figure 1.
The device ID and secret are encrypted using an algorithm. After the authentication is successful, the connection between the device and the platform is established, and the platform returns an access token.
Password Enter the encrypted device secret obtained in 2. Click Connect. If the device authentication is successful, the device is displayed online on the platform.
You can use this tool to obtain the encrypted value. timeStamp Timestamp used for encrypting the password. The time format is YYYYMMDDHH. Figure 2 Example Initiating a Pressure Test In the JMeter directory on the left, choose Thread Group, set Number of Threads to 10000.
The MqttConnectOptions parameter is passed. 1 client.connect(options, null, new IMqttActionListener() The password passed by calling options.setPassword() is encrypted during creation of MqttConnectOptions. getPassword() is used to obtain the encrypted password. 1 2 3 4 5 6
Password Yes String(256) Encrypted device secret. The value of this parameter is the device secret encrypted by using the HMAC-SHA256 algorithm with the timestamp as the key. The device secret is returned by IoTDA upon successful device registration.
HTTPS: A secure communication protocol based on HTTP and encrypted using SSL. Modbus: Devices that access the platform with Modbus via IoT edge nodes (or child devices that connect to the platform through gateways) are indirectly connected devices.
The secret is encrypted using an algorithm. After the authentication is successful, the connection between the device and the platform is established, and the platform returns an access token.
Password Yes String Explanation: The value is the value of the device secret encrypted by using the HMAC-SHA256 algorithm with the timestamp (in YYYYMMDDHH format) as the key. The device secret is returned by IoTDA upon successful device registration.
Value range: Fixed length: 10. password Yes String Body Explanation: A password is the value of secret encrypted using the HMAC-SHA256 algorithm with the timestamp as the key. The device secret is returned by IoTDA upon successful device registration.
Figure 1 Device access development process TLS IoTDA supports Transport Layer Security (TLS) for encrypted communication and secure client connections.
Options: PAAS: In this mode, data is not encrypted and transmitted in plaintext, which is insecure. You are advised to use a more secure data encryption mode. PLAIN: SASL/PLAIN authentication. You must enter the username and password.
Options: PAAS: In this mode, data is not encrypted and transmitted in plaintext, which is insecure. You are advised to use a more secure data encryption mode. PLAIN: SASL/PLAIN authentication. You must enter the username and password.
Options: PAAS: In this mode, data is not encrypted and transmitted in plaintext, which is insecure. You are advised to use a more secure data encryption mode. PLAIN: SASL/PLAIN authentication. You must enter the username and password.
