To start exchanging data between your devices:
- Create certificates for a registry and device.
- Create a registry and add a certificate to it.
- Create a device in the registry and add a certificate to it.
- Connect to the MQTT broker.
Before you start
To get started, you will need:
A folder in Yandex.Cloud. If you don't have a folder yet, create one:
Click Create folder in the Home page of the management console.
Enter the folder name.
The name must be unique within the folder. The name may contain lowercase Latin letters, numbers, and hyphens. The first character must be a letter. The last character can't be a hyphen. The maximum length of the name is 63 characters.
Select Create a default network. A network is created with subnets in each availability zone.
Click Create folder.
A command line interface: Yandex CLI.
A certificate from the certificate authority (CA): https://storage.yandexcloud.net/mqtt/rootCA.crt.
Creating a certificate
For devices and registries to interact, you must have X.509 certificates:
If you have a certificate, just add it to the device in the registry.
If not, you can create a certificate, for example, with OpenSSL:
$ openssl req -x509 \ # X.509 certificate. -newkey rsa:4096 \ # Encryption algorithm. -keyout key.pem \ # File to write the private key to. -out cert.pem \ # File to save the certificate to. -nodes \ # This flag is set when no public key encryption is required. -days 365 \ # Certificate validity period in days. -subj '/CN=localhost' # Request object.
Creating a registry
Create a registry:
$ yc iot registry create --name my-registry id: b91hafek85hpppnbpld2 folder_id: aoek49ghmknnpj1ll45e created_at: "2019-05-27T13:40:06.923Z" name: my-registry
Add a certificate to the registry:
$ yc iot registry certificate add \ --registry-name my-registry \ # Registry name. --certificate-file ./certs/registry-cert.pem # Path to the public part of the certificate. registry_id: b91hafek85hpppnbpld2 fingerprint: 589ce16050**** certificate_data: | -----BEGIN CERTIFICATE----- MIIE/jCCAuagAwIBAgIJAPRA... -----END CERTIFICATE----- created_at: "2019-05-27T13:41:45.295Z"
Creating a device
Create a device:
$ yc iot device create \ --registry-name my-registry \ # Registry name. --name my-device # Device name. id: b912an77oqaeijolmlgm registry_id: b91hafek85hpppnbpld2 created_at: "2019-05-27T13:44:35.164Z" name: my-device
Add a certificate to the device:
$ yc iot device certificate add \ --device-name my-device \ # Device name. --certificate-file ./certs/device-cert.pem # Path to the public part of the certificate. device_id: b912an77oqaeijolmlgm fingerprint: 65e5b05006... certificate_data: | -----BEGIN CERTIFICATE----- MIIE/jCCAuagAwIBAgIJANZbq... -----END CERTIFICATE----- created_at: "2019-05-27T13:45:23.306Z"
Configure message exchange between devices and registers
Learn how to: