Protocol - Web server

This page documents the webserver configuration

Note

The web server can only service one connection at a time.

The CANedge web server (web page or API) is available on port 80 and can be accessed through the device hostname (the device ID) or through the assigned IP-address. E.g. a device with device ID AABBCCDD can be accessed using the hostname http://AABBCCDD:80 or using the dynamically assigned IP-address, e.g. http://192.168.1.100:80.

If access through the hostname fails (e.g. using a web browser), the assigned IP-address can be found using one of below methods:

  • Via the DHCP server (often running on the WiFi access-point) find the device in the list of assigned IP-addresses (usually lists both hostname and assigned IP).

  • From a command-line use a tool to look up an IP-address from a hostname, e.g.

    $ nlookup AABBCCDD

Name:    AABBCCDD
Address:  192.168.1.100

  • Use a network scan tool to search for devices responding to requests on port 80. Many such tools exists for all platforms, e.g. the tool Advanced IP Scanner for Windows.

Configuration file fields

This section is autogenerated from the Rule Schema file.

Access permission connect.webserver.permission

Web server access permission level

Type

Default

Options

integer

0

Read only: 0 Read, write and execute: 1

Security connect.webserver.security

Controls if the web server is protected by basic authentication or not.

Type

Default

Options

integer

0

None: 0 Basic: 1 Basic with encrypted password: 2

Configuration explained

This section contains additional information and examples.

Permission

The permission setting controls the web server permission level:

  • Read only: View and download files from device.

  • Read, write and execute: View, download, remove and upload files from/to the device (e.g. upload new configuration file).

Note

Upload is limited to the configuration, firmware, and certificate files.

Security

The security setting controls the web server access control level.

  • None: No access control.

  • Basic / Basic with encrypted password: Basic password protection.

The basic (with/without encrypted password) security level implements Digest Access Authentication as described in RFC2617. Most browsers support basic authentication and will automatically prompt the client to enter username and password.

The server supports a single user with fixed username “user” (the associated password is set in the configuration file).

Note

Digest Access Authentication is a weak security method, for more information see RFC2617.

Web page

The web page allows the user to browse the filesystem and to download, upload and delete files1. For information on how to find the web page, see the top of this page.

For a machine friendly web server interface, see Web server API.

../../../../_images/webpage.png

Warning

Web browsers often automatically add https. The web server does currently not support TLS.

Warning

Web browsers may consider the *.MF4 log files as an unknown / insecure file type and initially try to block downloads.

Configuration update

The device configuration file can be updated through the web server (when the permission setting allows write). The device reboots when a new configuration file is uploaded (if it is compatible with the running firmware).

Certificate bundle update

The device certificate bundle file can be updated through the web server (when the permission setting allows write). The device reboots when a new certificate bundle file is uploaded.

Firmware update

The device firmware can be updated through the web server (when the permission setting allows write).

Update to firmware with same MAJOR/MINOR version (example: 01.02.03 to 01.02.04)

  1. Upload new firmware file (firmware.bin)

  2. The device applies the new firmware and reboots

  3. The device loads configuration file (config-01.02.json)

Update to firmware with new MAJOR/MINOR version (example: 01.02.03 to 01.03.00)

  1. First upload new configuration file (config-01.03.json)

  2. Then upload new firmware file (firmware.bin)2

  3. The device applies the new firmware and reboots

  4. The device deletes the old configuration file (config-01.02.json)

  5. The device loads configuration file (config-01.03.json)

Web server API

The device exposes a REST API (endpoint /api/). The API can be used to programmatically interface with the device web server. For more information see Web server API.

1

The upload and delete forms are only displayed when the permission setting allows write.

2

The firmware file is discarded if the corresponding configuration file is missing.