You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Devices registering to COS for devices might require the generation of certificates to be used in their apps (e.g. a TCP server running on the robot or a websocket).
This PR adds the generation of self-signed TLS certificates when a GET request is received on the api/v1/devices/<uuid>/certificate endpoint.
The cert and key are then sent in the response.
I am not sure about the logic. It appears to be opposed of what was done before.
Previously, the cos-registration-agent was creating its UUID if not provided and simply registering it to the server.
Same for the public/private RSA key we were using for the ros2bag-filserver.
Here the logic is the opposite.
We have been using the POST api/v1/devices to store information to the server. And here we are requesting an information from the server.
Maybe we could add an additional endpoint to request a certificate generation (something like GET api/v1/devices/UUID/certificate). This way we don't have one endpoint that does too many things.
I am not sure about the logic. It appears to be opposed of what was done before. Previously, the cos-registration-agent was creating its UUID if not provided and simply registering it to the server. Same for the public/private RSA key we were using for the ros2bag-filserver. Here the logic is the opposite. We have been using the POST api/v1/devices to store information to the server. And here we are requesting an information from the server. Maybe we could add an additional endpoint to request a certificate generation (something like GET api/v1/devices/UUID/certificate). This way we don't have one endpoint that does too many things.
This has been addressed and changed after discussion, from commit 536e4c4
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Devices registering to COS for devices might require the generation of certificates to be used in their apps (e.g. a TCP server running on the robot or a websocket).
This PR adds the generation of self-signed TLS certificates when a GET request is received on the
api/v1/devices/<uuid>/certificateendpoint.The cert and key are then sent in the response.
Tests and openapi have been updated accordingly.
An example of the agent registering and retrieving certificates is available in canonical/cos-registration-agent#53.