Menu
AWS IoT
API Reference (API Version 2015-05-28)

CreateKeysAndCertificate

Creates a 2048-bit RSA key pair and issues an X.509 certificate using the issued public key.

Note This is the only time AWS IoT issues the private key for this certificate, so it is important to keep it in a secure location.

Request Syntax

Copy
POST /keys-and-certificate?setAsActive=setAsActive HTTP/1.1

URI Request Parameters

The request requires the following URI parameters.

setAsActive

Specifies whether the certificate is active.

Request Body

The request does not have a request body.

Response Syntax

Copy
HTTP/1.1 200 Content-type: application/json { "certificateArn": "string", "certificateId": "string", "certificatePem": "string", "keyPair": { "PrivateKey": "string", "PublicKey": "string" } }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

certificateArn

The ARN of the certificate.

Type: String

certificateId

The ID of the certificate. AWS IoT issues a default subject name for the certificate (for example, AWS IoT Certificate).

Type: String

Length Constraints: Fixed length of 64.

Pattern: (0x)?[a-fA-F0-9]+

certificatePem

The certificate data, in PEM format.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 65536.

keyPair

The generated key pair.

Type: KeyPair object

Errors

InternalFailureException

An unexpected error has occurred.

HTTP Status Code: 500

InvalidRequestException

The request is not valid.

HTTP Status Code: 400

ServiceUnavailableException

The service is temporarily unavailable.

HTTP Status Code: 503

ThrottlingException

The rate exceeds the limit.

HTTP Status Code: 429

UnauthorizedException

You are not authorized to perform this operation.

HTTP Status Code: 401

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: