Appendix B - Register the ExpressLink manufacturer certificate authority (CA)
After a claim-thing certificate is obtained, the next steps is to register the ExpressLink certificate with the manufacturer certificate authority (CA). This four step process walks the user through registering with the certificate authority (CA).
-
Follow the steps in Getting started with the AWS CLI to install the AWS CLI on your development machine.
-
Follow the steps in Configuration and credential file settings to configure the AWS CLI to use your AWS account credentials.
-
Register the root CA on your AWS account with the following AWS CLI command (replace
path-to-manufacturer-CA
with the local path of the the root CA):aws iot register-ca-certificate --ca-certificate file://
path-to-manufacturer-CA
--certificate-mode SNI_ONLY --set-as-active --allow-auto-registration(For more information on non-Amazon-signed certificates and certificate authorities on AWS IoT Core, see Create your own client certificates.
-
Record the CA certificate id that is shown in the output of the command above. The CA certificate id is a long hexadecimal string. You will need this later.