This topic describes how to use production lines to burn certificates (ProductKey, DeviceName, and DeviceSecret) on devices.
If you want to use this solution, you must transform production lines based on your business scenario. This topic describes the methods that you can use to burn certificates on devices.
Obtain device certificates
When you create devices, the system automatically generates the device certificates. You can use one of the following methods to retrieve device certificates and write the certificates to databases or files.
|Create a device||
|Create multiple devices at a time||
|Call an API operation to create a device||Call API operations to create devices. IoT Platform returns the generated device certificates to your application.|
After you obtain device certificates, you can start a server on your production line to distribute the device certificates. Programmers, burners, or devices can apply for certificates from the certificate distributor and burn the certificates on the NVRAM or Flash of the devices.
Two certificate burning methods are available. You can use either of the burning methods based on your business requirements. The following figure shows the procedure.
The following section describes the burning methods.
- Use programmers or burners to burn device certificates.
You must modify the existing programmers or burner programs. Use personal computers to request device certificates from the certificate distributor and then use programmers or burners to burn the certificates on chips or devices.
If you use this solution, multiple burners or programmers must be deployed on a production line to burn certificates. You can increase or decrease the number of burners or programmers based on the scale of device production.
- Enable devices to directly retrieve certificates.
You must configure device firmware to automatically detect whether valid certificates exist after devices are powered on. If no invalid certificates exist, the devices apply for certificates from the certificate distributor and then write the certificates to the NVRAM or Flash.
If you use this solution, you do not need to deploy burners or programmers on your production line. In addition, multiple devices can apply for certificates from the certificate distributor at the same time.