- Newest
- Most votes
- Most comments
Hi,
Q1) you can use API https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_AssociateWirelessGatewayWithCertificate.html or CLI https://docs.aws.amazon.com/cli/latest/reference/iotwireless/associate-wireless-gateway-with-certificate.html for that purpose. As you mentioned, it's not optimal from security standpoint.
See this example for automation: https://github.com/aws-samples/aws-iot-core-lorawan/tree/main/automation
Q2) Server trust certs are for authentication cloud endpoints for LNS and CUPS. As long as gateways connect to the same endpoint, the server trust certs are the same. Practically that means that you can use the same one for the same account and region combination.
As of now https://docs.aws.amazon.com/iot-wireless/2020-11-22/apireference/API_AssociateWirelessGatewayWithCertificate.html will not allow cert to be shared. This is rule is there because we consider each Gateway as an individual client to IoTWireless service.
Relevant content
- Accepted Answerasked 2 months ago
- Accepted Answer
- asked 5 years ago
- Accepted Answerasked 7 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
Excellent thank you. I managed to also find the AWS CVM repo (https://github.com/awslabs/aws-iot-certificate-vending-machine) as well as a slightly simpler approach based on CVM here: https://github.com/t04glovern/serverless-cvm