Ground control requirements
The Remote Instrument Control (RIC) software is installed on eol-ric.ucar.edu. In order to run it, the user must have current certificates for RIC and for the instruments you are connecting to RIC. Once the RIC Proxy is installed on a user's computer, they can connect to their instrument using RIC and control the instrument remotely.
Running RIC: User Tasks
Install the RIC proxy on your (users) computer
- Download RIC proxy from https://www.eol.ucar.edu/software/ric and follow installation instructions.
Get a copy of the latest RIC certification from an SE/ADMIN
- You will need a copy of the RIC certification file (eol-ric.crt) which should be placed into .ric/Certs in your home dir. (This dir is created automatically when installing on a Window's machine. Use "ls -a" to see it.)
- In addition, you will need the .key and .crt files for your instrument (<inst>.crt, <inst>.key). An SE or ADMIN can obtain these from .ric/Certs on eol-ric.
NOTE: <inst> is the name of your instrument: GNI, AVAPS, etc
Change the file permissions on your certs to be user read only
- From ~/.ric/Certs, run:
> chmod 0400 eol-ric.crt
> chmod 0400 <inst>.crt
> chmod 0400 <inst>.key
If you are running on a MAC, you will need to add eol-ric.crt to your keychain file (requires admin privileges)
- Finder -> Applications -> Utilities -> Keychain Access
- On the left in the upper window, under Keychains, click System
- On the left in the lower window, click Certificate (not "My Certificates)
- Click the plus sign in the upper left (by the red, yellow, and green window control buttons). If not available, try File -> Import Items
- You should get a file selector window. Select your eol-ric.crt file. You may need to hold down Command-Shift-Period to see the .ric dir
- eol-ric.crt will show up under System with a red x. Double click it. Click trust. When using this certificate, always trust.
Configure your .ini files
- Change the last line of .ric/Proxy.ini to point to a file with the name of your instrument and change the ProxyID near the top of the file to the string that you are using to start your UDP packets
ProxyID=<inst>
InstrumentFile=<inst>.ini
- Rename SAMPLEINST.ini in .ric/Instruments to the filename created above
>mv SAMPLEINST.ini <inst>.ini
- Edit the file you just moved and change InstName to the name of your instrument
InstName=<inst>
- Sample .ini files: AWAS.ini
At this point, you should have:
homedir/.ric/ _(where homedir is /Users/<username> on a mac, or C:\Users\<username> on Windows)_
Proxy.ini
Certs/ _(with file permission set to read-only for all files in this directory)_
eol-ric.crt
<inst>.crt
<inst>.key
Instruments/
<inst>.ini
Connect to your instrument
- From the user computer, run launch_app. For example, for a mac, run
> /Users/<you>/RIC-7009/RICProxy-7009.app/Contents/MacOS/launch_app
- Click connect.
- If RIC doesn't stay connected, confirm that your certs aren't corrupted:
>openssl x509 -text -in <file>.crt
should return begin and end dates that include today, and a subject line like:
Subject: C=US, ST=CO, L=Boulder, O=NCAR, OU=GNI, CN=eol-ric.ucar.edu
where the only difference you will see is the OU will be an abbreviation of your instrument. Also check that the certs have user only read permission:
>ls -l <file>.crt
should return "-r--------"
- Once connected, start the user's instrument client on the user's computer. The control software running from the ground, needs the following:
UDP_IP = 127.0.0.1
UDP_SEND_PORT and UDP_READ_PORT to be defined as listed here: https://wiki.ucar.edu/display/SEW/UDP-Data (internal access only). For example, for the GNI instrument:
AWAS:
UDP_SEND_PORT = 32103
UDP_READ_PORT = 32102
- For instruments mounted on the aircraft, the instrument software needs to write to:
UDP_IP = 192.168.84.xxx (use whatever is configured in /etc/dncp/dhcpd_ac.conf)
AWAS:
UDP_SEND_PORT = 32102
UDP_READ_PORT = 32103
UDP_NIDAS_PORT = 30131
Ports are listed here: https://wiki.ucar.edu/display/SEW/UDP-Data (internal access only)