Managing device certificates

For devices and registries to begin exchanging data and commands, you need to log in. This section describes how to manage device certificates for the relevant authorization method.

Note

When using an X.509 certificate along with a password, the password has higher priority.

To access a device, use its unique ID or name. For information about how to get its unique ID or name, see Getting information about a device.

Viewing a list of certificates

If you don't have the Yandex.Cloud command line interface yet, install it.

View the list of device certificates:

$ yc iot device certificate list --device-name my-device
+------------------------------------------+---------------------+
|               FINGERPRINT                |     CREATED AT      |
+------------------------------------------+---------------------+
| df3cc4f337eba01a264803d15b119e2d33943315 | 2019-05-29 17:14:36 |
| 65e5b050069da5ca5996a4a8a92514098b0a5dd1 | 2019-05-29 17:14:18 |
+------------------------------------------+---------------------+

Adding a certificate

If you don't have the Yandex.Cloud command line interface yet, install it.

Add a certificate to the device:

$ yc iot device certificate add \
--device-name my-device \ # Device name.
--certificate-file device-cert.pem # Path to the public part of the certificate.

device_id: b9135goeh1uc1s2i07nm
fingerprint: 65e5b050069da5ca5996a4a8a92514098b0a5dd1
certificate_data: |
  -----BEGIN CERTIFICATE-----
  MIIE/jCCAuagAwI...
  -----END CERTIFICATE-----
created_at: "2019-05-29T17:14:18.804Z"

Deleting a certificate

If you don't have the Yandex.Cloud command line interface yet, install it.

  1. Delete a device certificate:

    $ yc iot device certificate delete --device-name my-device --fingerprint 65...
    
  2. Make sure the certificate was deleted:

    $ yc iot device certificate list --device-name my-device
    +-------------+------------+
    | FINGERPRINT | CREATED AT |
    +-------------+------------+
    +-------------+------------+