Managing device certificates
For devices and registries to begin exchanging data and commands, you need to log in. This section describes how to manage device certificates for the relevant authorization method.
Note
When using an X.509 certificate along with a password, the password has higher priority.
- Viewing a list of device certificates.
- Adding a certificate to a device.
- Deleting a device certificate.
To access a device, use its unique ID or name. For information about how to get its unique ID or name, see Getting information about devices.
Getting a list of certificates
- In the management console, select the folder where the device is located.
- Select the Yandex IoT Core.
- Select the registry where the device is located.
- Go to the Devices tab.
- Select the device.
- On the Overview page, go to the Certificates section.
If you don't have the Yandex.Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name
or --folder-id
parameter.
View the list of device certificates:
yc iot device certificate list --device-name my-device
Result:
+------------------------------------------+---------------------+
| FINGERPRINT | CREATED AT |
+------------------------------------------+---------------------+
| df3cc4f337eba01a264803d15b119e2d33943315 | 2019-05-29 17:14:36 |
| 65e5b050069da5ca5996a4a8a92514098b0a5dd1 | 2019-05-29 17:14:18 |
+------------------------------------------+---------------------+
You can get a list of device certificates using the listCertificates API method.
Adding a certificate
To add a device certificate:
-
In the management console, select the folder where you want to add a device certificate.
-
Select Yandex IoT Core.
-
Click on the name of the registry.
-
In the left menu, select Devices.
-
Select the desired device from the list.
-
On the Overview page, go to the Certificates section and click Add certificate.
-
To add a file:
- Choose the File method.
- Click Select file.
- Specify the certificate file on your computer and click Open.
- Click Add.
-
To add text:
- Choose the Text method.
- Insert the certificate body in the Contents field.
- Click Add.
-
If you don't have the Yandex.Cloud command line interface yet, install and initialize it.
Add a certificate to the device:
$ yc iot device certificate add \
--device-name my-device \ # Device name.
--certificate-file device-cert.pem # Path to the public part of the certificate.
device_id: b9135goeh1uc1s2i07nm
fingerprint: 65e5b050069da5ca5996a4a8a92514098b0a5dd1
certificate_data: |
-----BEGIN CERTIFICATE-----
MIIE/jCCAuagAwI...
-----END CERTIFICATE-----
created_at: "2019-05-29T17:14:18.804Z"
Deleting a certificate
To delete a device certificate:
- In the management console, select the folder to delete the device certificate from.
- Select the Yandex IoT Core.
- Click on the name of the registry.
- In the left menu, select Devices.
- Select the desired device from the list.
- On the Overview page, go to the Certificates section.
- Click in the line with the appropriate certificate and select Delete from the drop-down list.
- In the window that opens, click Delete.
If you don't have the Yandex.Cloud command line interface yet, install and initialize it.
-
Delete a device certificate:
$ yc iot device certificate delete --device-name my-device --fingerprint 65...
-
Make sure the certificate was deleted:
$ yc iot device certificate list --device-name my-device +-------------+------------+ | FINGERPRINT | CREATED AT | +-------------+------------+ +-------------+------------+