Signed Authentication Certificates for IOT Devices
To use your own X.509 certificates, you must register a certificate authority (CA) certificate with AWS IoT. After you have registered the certificate, you can upload any device certificates previously signed by the CA certificate and/or use the CA certificate to sign additional device certificates. You can register up to ten CA certificates with the same subject field per AWS account per region. This allows you to have more than one CA certificate to sign your device certificates.
This example describes how to create a self-signed device certificate to authenticate a connection to AWS IoT. The steps were completed on an instance of Ubuntu Linux with the following prerequisites installed:
Prerequisites
1. The AWS Command Line Interface (CLI)
2. openssl – openssl is installed on Ubuntu Linux by default. You can run the following commands from the console to upgrade to the most recent version of SSL: