Use openSSL to generate the root key
Generate the key:
2048 - Encryption strength. AWS needs minimum 2048
openssl genrsa -out rootCA.key 2048
Generate the pem file
Put the appropriate days for the certificate to be valid
This will ask a set of questions. Answer them appropriately. An example is
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields, there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:MH
Locality Name (eg, city) []:Pune
Organization Name (eg, company) [Internet Widgits Pty Ltd]: My company
Organizational Unit Name (eg, section) []: mycompany
Common Name (e.g. server FQDN or YOUR name) []:admin.mycompany
Email Address []:admin.mycompany@whatever
Now go to AWS IoT Service
Navigate to Secure -> CA
Click on Register on the right-hand side. This will open a page. Click on Register CA and follow the instructions. Make sure that in Step 3 in details for FQDN you have to put the key as mentioned in Step 2.
At Step 5 and 6 upload the required files.
Check "Activate CA certificate"
Check "Enable auto-registration of device certificates"
No comments:
Post a Comment