Documentation

Interconnection Authentication of MEF Center and MEF Edge

This section describes how to obtain the MEF Center root certificate and cloud-edge authentication token, and configure the NMS on the MEF Edge device for bidirectional authentication and cloud-edge interconnection between MEF Center and MEF Edge.

Prerequisites

The system time of the device to be managed must be the same as that of MEF Center. Otherwise, the interconnection may fail.

Procedure

  1. Log in to the MEF Edge device environment as the root user.
  2. Obtain the MEF Center root certificate and cloud-edge authentication token.
    1. Export the root certificate by referring to Exporting the Root Certificate. Select hub_svr as the URL parameter.
    2. Obtain a valid cloud-edge authentication token by referring to Obtaining the Cloud-Edge Authentication Token. The validity period of the obtained token is seven days.
  3. Upload the MEF Center root certificate to any directory on the MEF Edge device. It is recommended that other users do not have the write permission on the directory.
  4. Switch to the directory that contains the NMS configuration file.
    cd Installation_path/MEFEdge/software/
  5. Configure the NMS.
    ./run.sh netconfig [-net_type=MEF] -ip=<MEF Center_IP_address> [-port=<MEF Center_port_number>] -root_ca=<MEF Center_root_certificate_path/certificate_name.crt> [-test_connect=true] [-auth_port=<MEF Center_authentification_port_number>]
    Table 1 netconfig parameters

    Parameter

    Mandatory/Optional

    Description

    net_type

    Optional

    NMS mode. If this parameter is not set, the default value MEF is used.

    ip

    Mandatory

    IP address for accessing MEF Center.

    NOTE:

    Only IPv4 is supported. It cannot be an all-0 address (0.0.0.0), a broadcast address (255.255.255.255), or a local IP address.

    port

    Optional

    Port number of MEF Center. The value ranges from 1025 to 65535. If this parameter is not set, the default port 30003 is used. If the port number has been configured for multiple times, the latest configuration takes effect.

    root_ca

    Mandatory

    Path of the imported MEF Center root certificate file. The path must be an absolute path. The owner of the path must be root. The owner group and other users do not have the write permission on the path. The size of the path cannot exceed 1 MB.

    NOTE:

    If the device fails to connect to MEF Center because the certificate has expired or is revoked, import the MEF Center root certificate file again.

    test_connect

    Optional
    Whether to test the connectivity between MEF Edge and the MEF Center during NMS configuration. The default value is true, indicating that the connectivity test is performed by default.
    • If this parameter is set to true, the connectivity between the device and MEF Center is tested. If the test fails, the interconnection with MEF Center fails.
    • If this parameter is set to false, the connectivity between the device and MEF Center is not tested, and the interconnection with MEF Center may fail.

    auth_port

    Optional

    Port number used by MEF Center for authentication. The value ranges from 1025 to 65535. If this parameter is not specified, the default port 30004 is used.
  6. Enter the cloud-edge authentication token as prompted to complete the interconnection.
    Please enter token:
    If the following information is displayed, the interconnection is successful. If the interconnection fails, see MEF Center and MEF Edge Fail to Configure the NMS.
    Execute [netconfig] command success!
  7. After the interconnection is successful, restart MEF Edge.
    ./run.sh restart

    If the following information is displayed, the restart command is successfully executed:

    Execute [restart] command success!
Parent topic: Instructions