Menu
AWS IoT
Developer Guide

RegisterCertificate

Registers a device certificate with AWS IoT. If you have more than one CA certificate that has the same subject field, you must specify the CA certificate that was used to sign the device certificate being registered.

Request syntax:

POST /certificate/register?setAsActive=setAsActive Content-type: application/json { "certificatePem": "string", "caCertificatePem": "string", "status": "string" }

URI Request Parameters:

Name

Type

Req?

Description

setAsActive

SetAsActiveFlag

no

A boolean value that specifies if the CA certificate is set to active.

Request Body Parameters:

Name

Type

Req?

Description

certificatePem

CertificatePem

yes

The certificate data, in PEM format.

caCertificatePem

CertificatePem

no

The CA certificate used to sign the device certificate being registered.

status

CertificateStatus

no

The status of the register certificate request.

Response syntax:

Content-type: application/json { "certificateArn": "string", "certificateId": "string" }

Response Body Parameters:

Name

Type

Req?

Description

certificateArn

CertificateArn

no

The certificate ARN.

certificateId

CertificateId

no

The certificate identifier.

Errors:

ResourceAlreadyExistsException

The resource already exists.

HTTP response code: 409

InvalidRequestException

The contents of the request were invalid. For example, this code is returned when an UpdateJobExecution request contains invalid status details. The message contains details about the error.

HTTP response code: 400

CertificateValidationException

The certificate is invalid.

HTTP response code: 400

CertificateStateException

The certificate operation is not allowed.

HTTP response code: 406

CertificateConflictException

Unable to verify the CA certificate used to sign the device certificate you are attempting to register. This is happens when you have registered more than one CA certificate that has the same subject field and public key.

HTTP response code: 409

ThrottlingException

The rate exceeds the limit.

HTTP response code: 429

UnauthorizedException

You are not authorized to perform this operation.

HTTP response code: 401

ServiceUnavailableException

The service is temporarily unavailable.

HTTP response code: 503

InternalFailureException

An unexpected error has occurred.

HTTP response code: 500

CLI

Synopsis:

aws iot register-certificate \ --certificate-pem <value> \ [--ca-certificate-pem <value>] \ [--set-as-active | --no-set-as-active] \ [--status <value>] \ [--cli-input-json <value>] \ [--generate-cli-skeleton]

cli-input-json format:

{ "certificatePem": "string", "caCertificatePem": "string", "status": "string" }

cli-input-json fields:

Name

Type

Description

certificatePem

string

length max:65536 min:1

The certificate data, in PEM format.

caCertificatePem

string

length max:65536 min:1

The CA certificate used to sign the device certificate being registered.

status

string

enum: ACTIVE | INACTIVE | REVOKED | PENDING_TRANSFER | REGISTER_INACTIVE | PENDING_ACTIVATION

java class: iot.identity.service.CertificateStatus

The status of the register certificate request.

Output:

{ "certificateArn": "string", "certificateId": "string" }

cli output fields:

Name

Type

Description

certificateArn

string

The certificate ARN.

certificateId

string

length max:64 min:64

pattern: (0x)?[a-fA-F0-9]+

The certificate identifier.

On this page: