Uploading your CA certificate to Device Management
When your devices connect to Device Management, they use a Datagram Transport Layer Security (DTLS) device certificate, which is signed by a certificate authority, to prove that they are linked to your Device Management account.
In the Secure Factory solution, Secure Factory Service generates the device certificates and signs them using the certificate authority (CA) certificate that you generate when you set up your Secure Factory Service.
To enable Device Management to trust your device certificates, you must upload your CA certificate to Device Management.
Creating the CA file
To create a CA file:
- In the Secure Factory Service Admin UI, select Status from the side menu.
- Scroll down to the Certificate authority section and click the Copy () button.
- Create a new document using your text editor and paste the certificate that you copied.
- Save the document in CRT format (
.crt
).
Uploading your CA certificate to Device Management Portal
To upload a certificate to your account through Device Management Portal:
- Log in to Device Management Portal as an administrator.
- From the side menu, select Device identity > Certificates.
- Click New certificate and select Upload your own certificate.
- Populate the Name and Description fields.
- Click Choose File and select your CA file.
- From the How will devices use this certificate? dropdown, select Credentials or Factory configurator utility - I can prove ownership of these credentials.
- From the Which service will these devices use? dropdown, select LWM2M.
- Click Upload certificate.
Uploading or deleting your CA certificate using the API
Use the /v3/trusted-certificates
REST API to upload, read, update and delete certificates.
The /v3/trusted-certificates
API has the following parameters:
name
: Mandatory.description
: Optional.cert_data
: The certificate file. Mandatory.service
: Set the value tolwm2m
. Mandatory.
Deleting a CA certificate using Device Management Portal
To delete a certificate from your account through Device Management Portal:
- Log in to Device Management Portal as an administrator.
- From the side menu, select Device identity > Certificates.
- From the list of certificates, select the certificate that you want to delete. This opens a pane on the right-hand side with the details of the selected certificate.
- Click the Delete button (). This opens the Delete bootstrap certificate window.
- Click Delete certificate.