Basic Communication Procedures
Nur für den internen Gebrauch
A31003-S2000-R102-16-7620 02/2016
68
Provisioning Service, Developer’s Guide
c03.fm
Provisioning Service Driven Interaction
8. With the next contact of device, the provisioning service verifies the client certificate and
because of the PIN a readItems for getting the bootstrapping TAN is sent to the device.
<DLSMessage xsi:schemaLocation="http://www.siemens.com/DLS"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://www.siemens.com/DLS">
<Message nonce="58D4EE11C844865CAF0E9AA11ED2856F">
<Action>ReadItems</Action>
<ItemList>
<Item name="bootstrapping-tan"></Item>
</ItemList>
</Message>
</DLSMessage>
9. The device responds with accepted including the TAN (last 3 characters of the PIN)
<WorkpointMessage xsi:schemaLocation="http://www.siemens.com/DLS"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://www.siemens.com/DLS">
<Message fragment="final" maxItems="-1"
nonce="58D4EE11C844865CAF0E9AA11ED2856F">
<ReasonForContact status="accepted" action="ReadItems">
reply-to
</ReasonForContact>
<ItemList>
<Item name="bootstrapping-tan">321</Item>
</ItemList>
</Message>
</WorkpointMessage>
10. The TAN has been accepted and the provisioning service continues with normal message
flow.
11. Individual client certificate and provisioning server CA certificate(s) have been stored, all
further requests from this device perform mutual authentication on port 18444.
12. When bootstrapping process has finished with success, requests from device via Default
Mode port (18443) are blocked now.