This topic describes how to use production lines to burn certificates (ProductKey, DeviceName, and DeviceSecret) on devices.
The solution requires device manufacturers to transform production lines based on business needs. This topic only describes the burning methods that are available.
Retrieve device certificates
When you create devices, the system automatically generates the device certificates. You can use one of the following methods to retrieve device certificates and write the certificates to databases or files.
- Use the IoT Platform console to create a device and view the device certificate.
- After a device is created, the The devices have been added. dialog box automatically appears. Click Learn More or Copy Device Certificate to retrieve the device certificate.
- On the Device List tab, find the required device and click View. On the Device Details page, click the Device Information tab to view the device information.
- Use the IoT Platform console to create multiple devices and view the device certificates.
- After devices are created, the The devices have been added. dialog box appears. Click Download Device Certificate to download the device certificates.
- On the Devices page, click the Batch Management tab. On this tab, click DownloadCSV to download the certificates of all devices under the product.
- Call API operations to create devices. IoT Platform returns the generated device certificates to your application.
- For information about how to create a product, see Create a product.
- Topics about how to create devices:
- For information about how to create a device in the IoT Platform console, see Create a device.
- For information about how to create multiple devices in the IoT Platform console, see Create multiple devices at a time.
- You can call API operations to create devices. IoT Platform provides the RegisterDevice operation to create a single device and the BatchRegisterDevice and BatchRegisterDeviceWithApplyId operations to create multiple devices. For information about how to retrieve the SDK and call the API operations, see Download SDKs.
After retrieving device certificates, you can start a server on your production line to distribute the device certificates. Programmers, burners, or devices can apply for certificates to the certificate distributor and burn the certificates on the NVRAM or Flash of the devices.
Two certificate burning methods are available. You can use either of the burning methods based on your needs. The following figure shows the procedure.
Two burning methods are described as follows:
- Use programmers or burners to burn device certificates.
You need to modify the existing programmers or burner programs. Use PCs to apply for device certificates to the certificate distributor and then use programmers or burners to burn the certificates on chips or devices.
In this solution, multiple burners or programmers must be deployed on a production line to burn certificates. You can increase or decrease the number of burners or programmers based on the scale of device production.
- Enable devices to directly retrieve certificates.
You need to enable device firmware to automatically detect whether valid certificates exist after devices are powered on. If no invalid certificates exist, devices apply for certificates to the certificate distributor and then write the certificates into the NVRAM or Flash.
In this solution, you do not need to deploy burners or programmers on your production line. In addition, multiple devices can apply for certificates to the certificate distributor at the same time.