Preparing for production
To use the nRF9160: LwM2M Client sample in production, you must prepare the sample for production by completing the following steps:
Program the nRF9160: AT Client sample to your device.
Provision the identity and security credentials.
Program the LwM2M client sample.
The following sections provide the guidelines on setting up the sample for production using AVSystem’s Coiote Device Management server.
Programming the AT Client sample
You must program the nRF9160: AT Client sample to your device to control the security tags in the modem.
See nRF91 AT Commands Reference Guide for documentation on each AT command.
Also, you must provision the bootstrap credentials for the security tag (that you have specified in
CONFIG_LWM2M_CLIENT_UTILS_BOOTSTRAP_TLS_TAG Kconfig option) to the nRF9160 modem.
Provisioning the identity and security credentials
To provision the credentials, complete the following steps:
Ensure that you have removed the previous security tags from the modem by issuing the AT%CMNG command:
Identify the device IMEI by issuing the command
AT+CGSN 352656100367872 OK
Create an identity
urn:imei:<IMEI CODE>based on the IMEI of your device. For the example in previous step, the identity of the device is
Generate a secure PSK key and store that to the security tag. For example, to write the key
000102030405060708090a0b0c0d0e0f, run the following commands:
AT%CMNG=0,<TAG>,4,"urn:imei:352656100367872" OK AT%CMNG=0,<TAG>,3,"000102030405060708090a0b0c0d0e0f" OK
For automated provisioning of credentials, you can use the script
provision.py that is available in the
To set up the script, you must set your username and password for the AVSystem’s Coiote Device Management server as environment variables and pass the device serial port as a parameter when you run the script.
See the following code:
# Setup phase [[email protected]]:~/scripts# export COIOTE_PASSWD='my-password' [[email protected]]:~/scripts# export COIOTE_USER='my-username' # Find the serial port [[email protected]]:~/scripts# nrfjprog -f NRF91 --com 960033095 /dev/ttyACM0 VCOM0 960033095 /dev/ttyACM1 VCOM1 960033095 /dev/ttyACM2 VCOM2 # Run [[email protected]]:~/scripts# ./provision.py /dev/ttyACM0 AT interface ready Identity: urn:imei:352656100394546 Security tag 35724862 cleared PSK credentials stored to sec_tag 35724862 Coiote: Deleted device urn:imei:352656100394546 Coiote: Deleted device urn:imei:352656100394546-bs Coiote: Created device urn:imei:352656100394546 to domain /IoT/NordicSemi/Interop/
You can now program the device with the final sample image.
Configuring and programing the sample
To configure and program the sample, complete the following steps:
Make the sample programmable to multiple devices by removing all hard coded credentials. This can be done by setting the CONFIG_APP_LWM2M_PSK Kconfig option to empty value.
Enable bootstrapping using the configuration overlay file
overlay-avsystem-bootstrap.conf. Bootstrapping is required for an LwM2M client to rotate security credentials.
Prepare the production script or steps for your nRF9160-based device.
Program the sample.