Versions Compared

Old Version 39

changes.mady.by.user Gill Houghton

Saved on

compared with

New Version Current

changes.mady.by.user Gill Houghton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

When installed on Linux, Windows or deployed via Azure Marketplace, the default User login credentials are:

Code Block
username: admin
password: password

When deployed via AWS Marketplace, the default User login credentials are:

Code Block
username: admin
password: EC instance ID for example: i-0049ac1e13e558b70

...

The Chariot MQTT Server Web UI provides multiple configuration pages on the left navigation panel.

Anchor

...

Accounts Configuration
Accounts Configuration

...

Accounts

The Accounts page allows for the creating, updating and deleting of Users, Roles and Sources.

Anchor
AccountsUsers
AccountsUsers
Users

The Users page allows for the creating, updating, and deleting of Chariot Users.  A Chariot User may log into the Chariot Web UI and perform different actions based the the Roles assigned to that User.  The main Chariot Users page shows a table of existing Chariot Users.  Users can be added by clicking the "Add User" button, or they can be edited by clicking on the individual User in the table.Image Added

Image Removed

Add User

Clicking the "Add User" button will display a form for creating a new Chariot User.Image Added

Image RemovedThe form contains the following fields:

  • Username
    • A unique username for the Chariot User (required).
  • Password
    • A secure password for the Chariot User that will be used to log into the Chariot Web UI (required).
  • Email
    • An email address associated with the Chariot User (optional).
  • First Name
    • A first name associated with the Chariot User (optional).
  • Last Name
    • A last name associated with the Chariot User (optional).
  • Roles
    • A list of Chariot Roles associated with the Chariot User.
Note
By default, a User with the Username admin and Password password will be created

The "Add" button in the The "Add" button in the bottom right of the form can be clicked to create the User.

...

Clicking on an individual Chariot User in the table will display a form for editing the Chariot User.Image Added

Image RemovedThe update form contains additional fields that can be used to provide more information about the Chariot User. Additionally, a dropdown list to the right of the Chariot User's username can be clicked to provide options for deleting the user, or changing the Chariot User's password. 

Image Added

Image RemovedThe "Update" button in the bottom right can be clicked to update the Chariot User once all changes have been made. 

Anchor

...

AccountsRoles

...

AccountsRoles
Roles

The Roles page allows for the creating, updating, and deleting of Chariot Roles.  A Chariot Role is a collection of permissions that authorized viewing, editing, and/or controlling the Chariot MQTT Server. The main Chariot Roles page shows a table of existing Chariot Roles.  Roles can be added by clicking the "Add Role" button, or they can be edited by clicking on the individual Role in the table.Image Added

Image Removed

Add Role

Clicking the "Add Role" button will display a form for creating a new Chariot Role.Image RemovedImage Added

The form contains the following fields:

...

Clicking on an individual Chariot Role in the table will display a form for editing the Chariot Role.Image RemovedImage Added

The "Update" button in the bottom right can be clicked to update the Chariot Role once all changes have been made.

Anchor

...

AccountsSources
AccountsSources
Sources

The Chariot Security Service can be configured to add an LDAP Realm to use when authenticating and authorizing access via the Chariot UI. 

Tip

This feature is available in Chariot v2.4.2 and newer

Review the LDAP for Chariot UI/REST Users for configuration details

Image Added

Anchor
MQTT Credentials Configuration
MQTT Credentials Configuration

MQTT Credentials

The MQTT Credentials page contains two tabs: MQTT Credentials and LDAP

MQTT Credentials are the credentials that clients will use to authenticate when establishing an MQTT connection to the Chariot MQTT Server.

MQTT Credentials also contain the access control lists (ACLs

...

MQTT Credentials

MQTT Credentials are the credentials that clients will use to authenticate when establishing an MQTT connection to the Chariot MQTT Server.  MQTT Credentials also contain the access control lists (ACLs) that control which MQTT topics a client can publish and/or subscribe on. Credentials can Credentials can be added by clicking the "Add Credential" button, or they can be edited by clicking on the individual Credential in the table.they can be edited by clicking on the individual Credential in the table.

Tip
From Chariot release 2.5.0, to avoid manual configuration, the required ACLs can be generated from the STATUS > Sparkplug > Tools menu and will automatically be added to the MQTT Credentials 

Image AddedImage Removed

Add Credential

Clicking the "Add Credential" button will display a form for creating a new MQTT Credential.Image Added

Image RemovedThe form contains the following fields:

  • Username
    • A unique username that an MQTT client will use when connecting.
  • Password
    • A secure password that an MQTT client will use when connecting.
  • Publish Topics
    • A list of MQTT topic filters that the client is allowed to publish on (wildcards may be used).
  • Subscribe Topics
    • A list of MQTT topic filters that the client is allowed to subscribe on (wildcards may be used).
Note

By default, two default MQTT Credentials are created:

Username admin Password changeme

Username anonymous Password   Password changeme 


The "Add" button in the bottom right of the form can be clicked to create the Credential.

Topic Examples:

  • #
    • Allows publish or subscribe on all topics
  • STATE/123
    • Allows publish or subscribe on the specific topic "STATE/123"
  • spBv1.0/#
    • Allows publish or subscribe on all topics
  • STATE/123
    • Allows publish or subscribe on the specific topic "STATE/123"
  • spBv1.0/#
    • Allows publish or subscribe on all topics that start with "spBv1.0/", such as "spBv1.0/g1/DDATA/e1/d1"

Image Removed

Edit Credential

Clicking on an individual MQTT Credential in the table will display a form for editing the Credential.

    • that start with "spBv1.0/", such as "spBv1.0/g1/DDATA/e1/d1"


Examples of MQTT Credentials

Image Added

Edit Credential

Clicking on an individual MQTT Credential in the table will display a form for editing the Credential.Image Added

The "Update" button in the bottom right can be clicked to update the Credential once all changes have been made.

Anchor
MqttCredsLDAP
MqttCredsLDAP
LDAP

Chariot can be configured to use an LDAP server for MQTT client authentication and authorization instead of Chariot's MQTT Credentials.

Tip

This feature is available in Chariot v2.4.2 and newer

Review the LDAP for MQTT Clients for configuration details

Image AddedImage RemovedThe "Update" button in the bottom right can be clicked to update the Credential once all changes have been made.

Anchor
MQTT Server Configuration
MQTT Server Configuration

...

The configuration tab is a simple form used to configure the MQTT Server.Image RemovedImage Added

The form contains the following fields:

...

Note
Bridging is supported in release 2.3.0 forward

Image RemovedImage Added

To edit an existing bridge client, select the client from the UI. To add a new bridge client , select Add Bridge Client.Image RemovedImage Added

The form contains the following fields:

...

The License page allows for addinguploading, activating, and/or deactivating a Chariot License. .

Tip
A detailed tutorial for licensing Chariot can be found

...

here Licensing Procedure.


Note
If you have deployed Chariot through AWS Marketplace or Azure Marketplace, then no additional steps are required - your license is already installed and activated.

Image Added

Upload License

A Chariot License is represented by a text file which contains a license key.  The file can either be dragged/dropped into the "Upload License" form, or the license text can be pasted directly into the form.Image Added

Tip

...

The Activate toggle (in the Upload License form) can be used to auto-activate the license immediately after it is uploaded. This is a convenience to prevent the need to click Activate License after uploading a license.

Online Activation

Online Activation allows the Chariot MQTT Server to remotely connect to the Chariot Licensing server for activation and deactivation of Chariot Licenses. When the "Online Activation" is selected, the License page appears with the following options:Image RemovedImage Added

  • Activate License
    • Activates an uploaded Chariot License by remotely accessing the Chariot Licensing Server.
  • Deactivate License
    • Deactivates an uploaded & active Chariot License by remotely accessing the Chariot Licensing Server.

...

Offline Activation requires the user to generate an activation request and provide it to Cirrus Link Solutions in order to obtain an Activation Code.  The Activation Code can then be uploaded into the Chariot MQTT Server to activate the previously uploaded Chariot License.  When the "Offline Activation" option is selected, the License page appears with the following options:Image Added

Image Removed

  • Generate Activation Code
    • Generates an Activation Request Code.
  • Deactivate and Generate Code
    • Deactivates an active Chariot License and generates a Deactivation Request Code.
  • Upload Activation Code
    • Uploads an Activation Code that was obtained using the Generate Activation Code.

...

The System page allows for the configuration of the Chariot MQTT Server's system settings as well as enabling secure (SSL/TLS) connections and uploading certificates. 

Tip
A detailed tutorial for setting up SSL/TLS can be found here: Securing Chariot® MQTT Server

It comprises three tabs: Configuration, Certificates and Backup/Restore

Anchor
SystemConfiguration
SystemConfiguration
Configuration

The System page uses the following form to configure the system settings:Image Added

Image Removed

The form contains the following fields:

  • Server Name
    • An optional name for this Chariot installation.
  • Enable HTTP
    • Whether to enable non-secure HTTP connections to the Chariot Web UI.
  • HTTP Port
    • The port that the Chariot MQTT Server will use for HTTP.
  • Enable HTTPS
    • Whether to enable Secure HTTPS connections to the Chariot Web UI.
  • HTTPS Port
    • The port that the Chariot MQTT Server will use for HTTPS.

Anchor
SystemCertificates
SystemCertificates
Certificates

The certificates tab provides the means to upload the necessary certificates and keys for setting up SSL/TLS.

Warning
Self-signed certificates should not be used in a production environment on a public network.

Image RemovedImage Added

The Certificates tab contains the following fields:

...

If successful, the certificate information will now be displayed on the Certificates tab:Image Added

Image RemovedThe "Delete SSL" button can be used to remove the certificate and key from the Chariot MQTT Server and revert to a "SSL Not Setup" state..

Anchor
SystemBackup
SystemBackup
Backup/Restore

This tab allows for the backup and restore of Chariot configuration data.

...

Image Added

  • Export Backup
    • This button downloads a backup.zip file that contains the current configuration data of the Chariot instance.
    Restore From BackupThis button restore configuration data from backup.zip file.
    • .zip file that contains the current configuration data of the Chariot instance
  • Restore From Backup
    • This button restore configuration data from backup.zip file.
Note
The backup does not include any SSL certificates that may have been loaded. If configured for SSL, make sure to also copy the ssl.jks keystore from <OLD_chariot_install_folder>/security directory and save the ssl.jks keystore and exported backup.tgz file in a safe, known location