Amazon Web Services (AWS)
Amazon Web Services offers reliable, scalable, and inexpensive cloud computing services. Refer to AWS Documentation for more details.
AWS CA Certitifcate Registration
Create a CA certificate, a client certificate and a client key using the Openssl Certificate Creation documentation.
Open AWS
Login using your AWS credentials
Register the CA Certificate in AWS:
Go to
Security -> Certificate Authorities
andRegister CA Certificate
Select
Register CA
in the Multi-account modeChoose the CA certificate that you previously created in the Openssl Certificate Creation (CA.crt) step in the CA certificate registration, and set the CA status to
Active
and theAutomatic certificate registration
option toON
Register the CA.
Go to
Security -> Policies
and selectCreate Policy
. Enter the policy name (ex:DIC_POLICY
) and in the policy statements selectJSON
and replace the contents with the JSON provided below:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "*",
"Resource": "*"
}
]
}
Once done, select Create
.
Steps to generate the certificate for your Matter application to use in the
dic_config.h
header.Go to
All Devices -> Things
and selectCreate Things
.Select
Create Single Thing
and click Next.Specify thing properties Info -> Give the thing a name (Note: Client ID) and click Next.
Configure the device certificate - optional Info -> Use my certificate.
Certificate details -> Choose
CA is registered with AWS IOT
and Select the CA that registered with AWS in Step 4.Certificate -> Choose file (Choose Client certificate generated in Openssl Certificate Creation ex:
device.crt
) and set the certificate status toActive
. Click Next.Use the policy(ex:
DIC_POLICY
) created in AWS Certificate Creation.
Repeat Step 5 to create a new thing to use in MQTT Explorer using the certificate created for MQTT explorer ( from Openssl Certificate Creation ex:
explorer.crt
)NOTE:
Thing name must be unique as it will be used as CLIENT ID.
Copy the contents of AWS_CA CERT and create a .pem file to use as a SERVER CERTIFICATE in MQTT Explorer.