Call Device Shadow RestAPI and authenticate TLS mutual authentication with a client certificate.

https://docs.aws.amazon.com/iot/latest/developerguide/device-shadow-rest-api.html As mentioned in document above: The Device Shadow service accepts two forms of authentication: Signature Version 4 with IAM credentials or TLS mutual authentication with a client certificate. How can we get client certificate? Is it the one I downloaded when create thing in IOT Core?

주제

사물 인터넷(IoT)개발자 도구

태그

AWS IoT Core 개발자 도구

언어

English

rePost-User-2684239

질문됨 일 년 전239회 조회

1개 답변

최신
최다 투표
가장 많은 댓글

이 답변이 도움이 되었나요?커뮤니티가 여러분의 지식을 활용할 수 있도록 정답을 찬성하세요.

Hi. Yes that is one way to get a client certificate (and associated private key). And the easiest way when you're getting started.

Note that a device will typically use the MQTT topics (not the REST API) to interact with shadows: https://docs.aws.amazon.com/iot/latest/developerguide/device-shadow-mqtt.html

If you use one of our IoT Device SDKs, they have shadow support (on the MQTT topics) built-in: https://docs.aws.amazon.com/iot/latest/developerguide/iot-sdks.html#iot-device-sdks

전문가

Greg_B

답변함 일 년 전

rePost-User-2684239
일 년 전
I am using postman to test API request to Device Shadow REST API. But got Forbidden error after config client certificate. If I using access keys and private keys, it works. Could you have any example using client certificate?

Greg_B 전문가

일 년 전

Here's how you do it with curl: https://docs.aws.amazon.com/iot/latest/developerguide/http.html

curl --tlsv1.2 \
    --cacert Amazon-root-CA-1.pem \
    --cert device.pem.crt \
    --key private.pem.key \
    --request POST \
    --data "{ \"message\": \"Hello, world\" }" \
    "https://IoT_data_endpoint:8443/topics/topic?qos=1"

Call Device Shadow RestAPI and authenticate TLS mutual authentication with a client certificate.

관련 콘텐츠