Client-initiated bootstrap call flow
In client-initiated bootstrap, the LWM2M bootstrap client initiates the bootstrap message to a bootstrap server, whose URL is known to the device in prior.
- Declarative bootstrap
- Bootstrap script
- Primitive bootstrap
For more information on how to configure the bootstrap methods using the Protocol setup page, see the section Configuring the LWM2M setup in LWM2M Onboarding Guide.
This section explains the declarative bootstrap method.
With the call flow defined above, when once client and server finishes the complete flow, then device is considered bootstrapped with the IMPACT server.
During a declarative bootstrap, server writes a value of 86400 on the Lifetime resource. To set this value to some other value, a write command must be sent on the server object and lifetime resource, after the device registers.
Client-initiated bootstrap authentication using Enterprise Certificate Authority
When the LWM2M device initiates an LWM2M bootstrap request to IMPACT using DTLS with X.509 authentication, the device checks if the server is valid using Certificate Authority (trusted party). Whereas, IMPACT checks the validity of the device using Enterprise Certificate Authority during a handshake. On successful validation, the device is bootstrapped for LWM2M using the defined Protocol Setup that has the certificate, which has signed the device certificate.
Bootstrapping pre-provisioned devices
When pre-provisioning the client-initiated bootstrap device, it is not required to provide the Pre-Shared Key (PSK) details of the device. During the client-initiated bootstrap, server generates the PSK identity and PSK secret which writes on the LWM2M client security object.