Enroll a Robot
Enrollment is automatic. When you run the bootstrap command on a robot, the agent enrolls itself as part of that one command — it generates a key pair, exchanges a certificate signing request for a device certificate, and brings up mutual TLS. You do not normally enroll a robot by hand.
This page explains what enrollment does, and — for rare recovery cases only — how to run it manually.
What enrollment does
During the bootstrap command the agent generates a key pair, exchanges a CSR (with the single-use token) for a signed device certificate and robot ID, and uses that identity for mutual TLS from then on; for the full flow see Enrollment. It is idempotent — once a device certificate exists, re-running the bootstrap command exits cleanly without re-enrolling, so it is safe to retry after a transient failure.
Advanced: manual re-enrollment
!!! warning You should not need this in normal operation. Use it only to recover a robot whose identity was lost or must be reset. To get a fresh identity you must first remove the existing certificate and key, then enroll with a new single-use token from the web app.
- Generate a new bootstrap command (or token) for the robot in the web app.
- Remove the existing device certificate and key from the state directory (default
/var/lib/rdyn/robot/). - Run enrollment with the new token:
bash
sudo rover-agent -enroll --url <enrollment-url> --token <bootstrap-token>
- Confirm the new identity was written:
bash
sudo ls -l /var/lib/rdyn/robot/device.crt
sudo grep robot_id /var/lib/rdyn/robot/robot.toml
Expanded guidance on re-enrollment and certificate rotation is coming soon; for help, contact [email protected].
Useful flags
--url— enrollment URL.--token/--token-file— the bootstrap token, inline or from a file.--state-dir— override the state directory (default/var/lib/rdyn/robot).--ca-root— path to the CA root used to verify the server.--alg— key algorithm to use for the key pair.--dry-run— run the flow without writing files.--print-csr— print the generated CSR.
Next steps