The following solutions can be used to retrieve device certificates (ProductKey, DeviceName, and DeviceSecret) issued by IoT Platform: 1. Device manufacturers burn certificates on devices. 2. After devices are powered on and connected to the Internet, the devices retrieve certificates from the cloud server of the corresponding device manufacturer.
Prerequisites
Before a device manufacturer burns device certificates on devices, the following operations must be performed:
Create a product: Set the Authentication Mode parameter to DeviceSecret.
In the IoT Platform console, select a method to register a device and obtain the device certificate based on your business scenario. The following table describes the methods that are supported.
Method
Procedure
In the The devices have been added dialog box, click Learn More or Copy Device Certificate to obtain the device certificate.
On the Device List tab, find the device that you want to manage and click View in the Actions column. On the device details page, click View to the right of DeviceSecret to obtain the device certificate.
After devices are created, the The devices have been added dialog box appears. Click Download Device Certificate to download the device certificates.
On the Batch Management tab of the Devices page, find the product whose devices you want to manage and click Download CSV in the Actions column to download the certificates of all devices of the product.
After you call an API operation to create one or more devices, IoT Platform returns the generated device certificates to your application.
RegisterDevice: Call the RegisterDevice operation to register a device.
BatchRegisterDevice or BatchRegisterDeviceWithApplyId: Call the BatchRegisterDevice or BatchRegisterDeviceWithApplyId operation to register multiple devices at a time.
If a device issues a request to retrieve the device certificate from the cloud server of the corresponding device manufacturer, the cloud server can call an IoT Platform API operation to register the device to obtain the device certificate.
Create a product: Set the Authentication Mode parameter to DeviceSecret.
Background information
If a device is connected to IoT Platform by using the DeviceSecret-based verification method, the device certificate that is issued by IoT Platform to the device is required to verify the identity of the device.
Burn device certificates on devices
Device manufacturers retrieve certificates issued by IoT Platform, and then use production lines to burn certificates on devices. After devices are powered on and connected to the Internet, the devices use the certificates to access IoT Platform.
This solution requires a device manufacturer to transform production lines to burn device certificates.
For more information, see Burn device certificates on devices.
Retrieve device certificates from the cloud server of the corresponding device manufacturer
If you use this solution, you must deploy a certificate distribution server and develop the corresponding server-side API operations and tables to store device information. After a device is powered on and connected to the Internet, you can connect the device to the cloud server of the corresponding device manufacturer and retrieve the device certificate that is issued by IoT Platform from the server. Then, you can use the device certificate to connect the device to IoT platform.
This solution helps device manufacturers eliminate the need to burn device certificates on devices on production lines and speeds up the mass production of devices.
For more information, see Retrieve device certificates from the cloud server of the corresponding device manufacturer.