Skip to main content

Part 5: Deploy a device update

Deploying software updates to your IoT devices allows you to maintain security, functionality, and compliance. This guide will walk you through creating a software update package, packaging it as an artifact, and deploying it as a release to your devices using DigiCert® Device Trust Manager.

Notice

Device management is available in the Advanced plan or higher. See Licensing and plans.

Objectives

  • Deploy an update to a Linux device through Device Trust Manager.

  • Monitor and verify the deployment status.

Before you begin

Step 1: Upload the artifact

To deploy an update, start by uploading the software update package as an artifact in Device Trust ManagerDevice Trust Manager.

  1. Sign in to DigiCert® ONE as a Solution Administrator.

  2. In DigiCert ONE, in the Manager menu (grid at top right), select Device Trust.

  3. In the Device Trust Manager menu, select Software updates.

  4. Select Create Artifact.

  5. On the General information step:

    1. Enter an Artifact name and, optionally, a description.

    2. Choose whether the artifact will be available to all divisions or only a specific division. Default is all divisions.

    3. Enter an Artifact version.

    4. Select an Artifact type.

    5. If this artifact depends on another, choose the artifact's dependency.

    6. Select Next.

  6. On the Artifact definition step:

    1. Upload the artifact payload zip file you created in Build and package a software update.

    2. Under Artifact handling, select both Install and Rollback and specify the following for each:

      • Install file: Script/installpkg.sh

      • Install file type: Script

      • Install sub-type: Bash

      • Rollback script: Script/rollback.sh

      • Rollback file type: Script

      • Rollback sub-type: Bash

    3. Select Create artifact.

Step 2: Create and deploy a release

Next, bundle the artifact into a release.

  1. In the Device Trust Manager menu, select Software updates > Releases.

  2. Select Create release.

  3. Enter a Release name and, optionally, a description.

  4. Enter a Release version.

  5. Choose a Division to associate the release with.

  6. Add the artifact created in Step 1: Upload the artifact.

  7. If needed, select which users will be notified of the release.

  8. Select Create release.

Now you're ready to create a deployment to send the release to devices.

  1. In the Device Trust Manager menu, select Software updates > Deployments.

  2. Select Create deployment.

  3. Enter a Deployment name and, optionally, a description.

  4. Choose a Division to associate the release with.

  5. Choose a Device group that will receive the update. All devices associated with the select device group will be sent the release.

  6. Select the Release created previously.

  7. Select Deploy now.

Tip

To monitor the progress of a deployment, go to Software updates > Deployments and select the specific deployment. This page displays the deployment settings and provides real-time status updates, showing both in-progress and completed devices.

When you select Deploy now, Device Trust Manager makes the deployment available for the selected device group. However, since we didn't set up TrustEdge agent to run as a service, it needs to be manually invoked to process the deployment.

To prompt the device to receive the deployment and begin installing it, run the following command on the Linux device you configured in Part 4: Connect a Linux device:

sudo trustedge agent

Note

If TrustEdge agent is already running as a service, this command will display a warning indicating that the service needs to be stopped. To proceed, stop the TrustEdge agent service, and then run the above command.

Step 3: Verify deployment

After deployment, verify that the software update has successfully installed on the device.

  1. Check that the update is listed on the device.

    dpkg -l digicert-hello-world-all
    
  2. Confirm that the application runs correctly by running:

    helloworld
    

Notice

If the package fails to install, see TrustEdge Troubleshoot guide.

Review your progress

At this stage, you’ve successfully deployed a software update to your IoT device using Device Trust Manager. You should now have:

  • Created and packaged a software update artifact ready for deployment.

  • Uploaded the artifact to Device Trust Manager, along with associated install and rollback scripts.

  • Configured and deployed a release to a specified device group.

  • Manually invoked TrustEdge agent on the device and verified that the device received and applied the software update.