In this solution, you do not need to burn certificates on devices. Instead, devices send requests to the server to retrieve certificates (ProductKey, DeviceName, and DeviceSecret) after being powered on and connected to networks.

Procedure

In this solution, you must deploy a device certificate distribution server, and develop the corresponding server API and device information table.

When the certificate distribution server receives a certificate request from a device, it calls the API. The API queries the device information table for the device ID that is specified in the request and performs one of the following operations based on the query result:

  • Returns an error message if the device ID is not found in the table. The error message indicates that the device is invalid.
  • Returns a device certificate if the device ID is found in the table and the corresponding certificate exists.
  • Calls the RegisterDevice API operation of IoT Platform to register the device and returns a device certificate if the device ID is found in the table but the corresponding certificate does not exist.

After retrieving the certificate, the device can use the certificate to connect to IoT Platform.

The following figure shows the procedure.

Figure: Procedure of retrieving device certificates

Note
  • Devices must be able to automatically retrieve the IP address and connect to your certificate distribution server.
  • You can develop the certificate distribution server based on your needs.
  • You must ensure the security and reliability of the connections from devices to the certificate distribution server.

Server API

We recommend that you develop the API as follows.

  • Request parameters

    | Parameter | Description |
    | --- | --- |
    | deviceId | The ID of the device. You can specify a MAC address or serial number (SN) for this parameter. |

  • Response parameters

    | Parameter | Description |
    | --- | --- |
    | productKey | The ProductKey in the device certificate that is issued by IoT Platform. |
    | deviceName | The DeviceName in the device certificate that is issued by IoT Platform. |
    | deviceSecret | The DeviceSecret in the device certificate that is issued by IoT Platform. |

Device information table

We recommend that you create the device information table as follows.

Table properties

| Table property | Recommended value |
| --- | --- |
| Table name | device_table |
| Time to live (TTL) | -1 |
| Maximum data version | 1 |
| Maximum time offset | 86400 |
| Primary key | deviceId |

Fields

| Field | Description |
| --- | --- |
| deviceId | The ID of the device. You can specify a MAC address or serial number (SN) for this parameter. |
| registerTime | The time when the device was registered. |
| activateTime | The time when the device was activated. |
| productKey | The ProductKey in the device certificate that is issued by IoT Platform. |
| deviceName | The DeviceName in the device certificate that is issued by IoT Platform. |
| deviceSecret | The DeviceSecret in the device certificate that is issued by IoT Platform. |
| IotId | The device ID issued by IoT Platform. This parameter uniquely identifies the device in IoT Platform. |
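
The three-branch API logic described under Procedure, written against the recommended request parameter and table fields, as an added Python example (not code from IoT Platform or its SDK). The names `get_device_certificate`, `fake_register_device` and `InvalidDevice`, the in-memory table and every sample value are assumptions made here; the stand-in function takes the place of the real RegisterDevice call.

```python
import threading
import time

CERT_FIELDS = ("productKey", "deviceName", "deviceSecret")
_lock = threading.Lock()  # serialise lookups so one device is never registered twice


class InvalidDevice(Exception):
    """Raised when the deviceId is not in the device information table."""


def fake_register_device(device_id):
    """Stand-in for the RegisterDevice call (constructed values, no network)."""
    return {
        "productKey": "pk-EXAMPLE",
        "deviceName": "dev-" + device_id.replace(":", "").lower(),
        "deviceSecret": "secret-EXAMPLE-" + device_id[-2:],
        "IotId": "iot-EXAMPLE-" + device_id[-2:],
    }


def get_device_certificate(device_id, table, register=fake_register_device, now=time.time):
    """Return productKey/deviceName/deviceSecret for a device listed in the table."""
    with _lock:
        row = table.get(device_id)
        if row is None:
            # Branch 1: unknown deviceId, so the device is invalid.
            raise InvalidDevice(device_id)
        if not all(row.get(f) for f in CERT_FIELDS):
            # Branch 3: listed but no certificate yet; register and persist it.
            cert = register(device_id)
            row.update({f: cert[f] for f in CERT_FIELDS})
            row["IotId"] = cert["IotId"]
            row["registerTime"] = int(now())
        # Branch 2 (and the tail of branch 3): return only the three certificate fields.
        return {f: row[f] for f in CERT_FIELDS}


# Constructed sample table keyed by deviceId (the primary key).
device_table = {
    "AA:BB:CC:00:00:01": {"productKey": "pk-EXAMPLE", "deviceName": "dev-01",
                          "deviceSecret": "secret-EXAMPLE-01", "IotId": "iot-01"},
    "AA:BB:CC:00:00:02": {},  # listed in the table, not yet registered
}

if __name__ == "__main__":
    for dev in ("AA:BB:CC:00:00:01", "AA:BB:CC:00:00:02", "AA:BB:CC:00:00:99"):
        try:
            print(dev, get_device_certificate(dev, device_table))
        except InvalidDevice:
            print(dev, "error: invalid device")
```

Persisting the registration result before returning it means a repeated request from the same device takes the second branch and does not trigger another registration.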