Learn how to add and manage a secure tunnel for a device in IoT Platform.
Prerequisites
- You have created a product and a device. For more information, see Create a device.
- The device has been developed to support the secure tunnel feature, is connected to IoT Platform, and is online. For more information, see Develop a device.
Background
See Use a secure tunnel to access a device for the end-to-end process of communication between a client and a device over a secure tunnel.Create a secure tunnel
-
Log in to the IoT Platform console.
On the Overview page, find the instance that you want to manage and click the instance ID or instance name.
- In the left-side navigation pane, choose .
- On the secure tunnel page, click Create Secure Tunnel.
- In the Create Tunnel dialog box, configure the following parameters and click OK.
Parameter Description Product Select the product to which the device belongs. You can select only products created under your Alibaba Cloud account. Authorized products are not supported. For more information about authorized products, see authorized product.
Device Select the device for which you want to create the secure tunnel. The device must be online. Custom information Enter custom information. After the secure tunnel is created, IoT Platform sends a notification with this information to the device.
Description Enter a description for the secure tunnel to help you identify it later. - In the dialog box that appears, click Copy All to copy the URL and token that the client needs to connect to the secure tunnel.
Securely store the token and URL. This information is required when you develop the client to connect to the secure tunnel. After the tunnel is created, the dialog box displays the secure tunnel ID, client token, and client URL (in the format
wss://iot-secure-tunnel.xxx). The client uses this URL to establish a WebSocket connection and passes the token in the HTTP request header for authentication.After a secure tunnel is created, its status is opened by default, and the device-side status is connected.
Important The status of a secure tunnel automatically changes to closed after 24 hours. The system automatically deletes the tunnel after 30 days.
Manage secure tunnels
- On the secure tunnel page, search for a specific tunnel by selecting a product and device, or by entering a secure tunnel ID or device name. You can view information such as the tunnel status and the connection status of the device and client.
A connected status for the device or client indicates that a secure WebSocket channel is established with IoT Platform. After both ends are connected, the client can remotely log on to the device. The list displays information such as the tunnel ID, device name, status, connection status of the device and client, and creation time. In the Actions column, click View to see tunnel details or Close Tunnel to close an opened tunnel.
- In the list of secure tunnels, select the tunnels you want to manage, click batch operations, and then click Batch Close Tunnels or Batch Delete Tunnels.
You can also view, close, or delete a single tunnel from the Actions column.Warning Closing a secure tunnel immediately disconnects the client and the device. You cannot reopen the tunnel. This operation may cause service unavailability or affect your business. Proceed with caution.Important
- You can close only secure tunnels that are .
When the secure tunnel is closed, the device and the client cannot establish a remote access channel for communication.
- You can delete only secure tunnels that are .
- You can close only secure tunnels that are .
API reference
API | Description | Support for MQTT instances |
Creates a secure tunnel. | No. | |
Closes an open secure tunnel. | ||
Deletes a closed secure tunnel. | ||
Queries the details of a specific secure tunnel. Details include the associated device, creation time, ID, and connection status. |