This article describes how to verify directly connected devices or gateway sub-devices by using the unique-certificate-per-device verification method.

Background information

If you use the unique-certificate-per-device verification method, you must install a unique device certificate on each device in advance. A device certificate includes a ProductKey, DeviceName, and DeviceSecret. When you connect a device to IoT Platform, IoT Platform verifies the device based on the certificate. If the device passes the verification, IoT Platform activates the device to enable data communication between the device and IoT Platform.

The unique-certificate-per-device verification method is recommended because of its high level of security.

Process:

Device verification

Verify directly connected devices

You can connect directly connected devices to IoT Platform only over MQTT or HTTPS. If you want to register directly connected devices, perform the following steps:

  1. Create a product: When you create a product, set the Node Type parameter to Directly Connected Device.
  2. Add a device: Add a device to the created product and obtain the device certificate.
  3. Install the device certificate on the device.
    1. In this example, Link SDK for C is developed to register devices in the IoT Platform console over MQTT and HTTPS.
      Protocol type Procedure
      MQTT
      1. Download Link SDK for C.
      2. Register a device over MQTT: Initialize the Link SDK and then specify the certificate information of the device and the endpoint of IoT Platform.
      HTTPS
      1. Download Link SDK for C.
      2. Register a device over MQTT: Initialize the Link SDK and then specify the certificate information of the device and the endpoint of IoT Platform.
    2. Develop Link SDK for C based on your business requirements. For example, you can develop the following features: over-the-air (OTA) update, sub-device connection, Thing Specification Language (TSL) model, and device shadows.
      For information about how to develop the preceding features, see Link SDK.
    3. Install the developed device SDK on the device in the production line.
  4. Verify the device. After you power on the device and connect the device to IoT Platform, the device sends a verification request that contains the device certificate information to IoT Platform. For more information, see Establish MQTT over TCP connections and Establish connections over HTTPS.
  5. Activate the device. After IoT Platform verifies the device and establishes a connection with the device, the device can communicate with IoT Platform by using device topics. For more information, see What is a topic?.

Verify the sub-devices of a gateway

The registration method for gateways is the same as the registration method for directly connected devices. This section describes how to verify sub-devices by using the unique-certificate-per-device verification method. In this example, the MQTT protocol is used for communication.

  1. Create a product: Create a product for a gateway and a product for a sub-device. When you create a product for the gateway, set the Node Type parameter to Gateway Device. When you create a product for the sub-device, set the Node Type parameter to Gateway Sub-device.
  2. Add devices: Add devices to the created products and obtain the device certificates.
  3. Install the device certificates on the devices. In this example, Link SDK for C is used.
    1. Download Link SDK for C.
    2. Register the gateway over MQTT: Initialize the Link SDK and then specify the certificate information of the device and the endpoint of IoT Platform.
    3. Register the sub-device over MQTT: In the gateway SDK, initialize an instance to manage the sub-device. You must configure the topological relationship between the gateway and the sub-device and configure the logon capability of the sub-device.
    4. On the production line, burn the developed gateway SDK to the gateway and burn the sub-device certificate to the sub-device.
  4. Verify the gateway and sub-device. After you power on the gateway and sub-device and connect them to IoT Platform, the gateway sends a verification request to IoT Platform. The request includes the certificates of the gateway and sub-device.
    For more information about data formats, see Connect a sub-device to IoT Platform.
  5. Activate the device. After IoT Platform verifies the device and establishes a connection with the device, the device can communicate with IoT Platform by using device topics. For more information, see What is a topic?.