This topic describes how to use production lines to burn certificates (ProductKey, DeviceName, and DeviceSecret) on devices.

If you want to use this solution, you must transform production lines based on your business scenario. This topic describes the methods that you can use to burn certificates on devices.

Obtain device certificates

When you create devices, the system automatically generates the device certificates. You can use one of the following methods to retrieve device certificates and write the certificates to databases or files.

Method Procedure
Create a device
  • In the The devices have been added dialog box, click Learn More or Copy Device Certificate to obtain the device certificate.
  • On the Device List tab, find the device and click View in the Actions column. On the Device Details, click View to the right of DeviceSecret to obtain the information about the device certificate.
Create multiple devices at a time
  • After devices are created, the The devices have been added dialog box appears. Click Download Device Certificate to download the device certificates.
  • On the Devices page, click Batch Management. On the Batch Management tab, click DownloadCSV to download the certificates of all devices in the product.
Call an API operation to create a device Call API operations to create devices. IoT Platform returns the generated device certificates to your application.

Burn certificates

After you obtain device certificates, you can start a server on your production line to distribute the device certificates. Programmers, burners, or devices can apply for certificates from the certificate distributor and burn the certificates on the NVRAM or Flash of the devices.

Two certificate burning methods are available. You can use either of the burning methods based on your business requirements. The following figure shows the procedure.

Certificate burning procedure

The following section describes the burning methods.

  • Use programmers or burners to burn device certificates.

    You must modify the existing programmers or burner programs. Use personal computers to request device certificates from the certificate distributor and then use programmers or burners to burn the certificates on chips or devices.

    If you use this solution, multiple burners or programmers must be deployed on a production line to burn certificates. You can increase or decrease the number of burners or programmers based on the scale of device production.

  • Enable devices to directly retrieve certificates.

    You must configure device firmware to automatically detect whether valid certificates exist after devices are powered on. If no invalid certificates exist, the devices apply for certificates from the certificate distributor and then write the certificates to the NVRAM or Flash.

    If you use this solution, you do not need to deploy burners or programmers on your production line. In addition, multiple devices can apply for certificates from the certificate distributor at the same time.