HomeManaged ServicesIoT HubHow to
Provide your own device certificate
Update content

How to provide your own device certificate

Reviewed on 19 June 2023Published on 07 July 2021

At Scaleway, a certificate is automatically created and attached to a device upon creation, if you have not previously set up your own Certificate Authority. You also have the option of setting up a specific certificate for your device.

Security & Identity (IAM):

You may need certain IAM permissions to carry out some actions described on this page. This means:

  • you are the Owner of the Scaleway Organization in which the actions will be carried out, or
  • you are an IAM user of the Organization, with a policy granting you the necessary permission sets

If you choose to replace the certificate, the previous one will be deleted and cannot be recovered. If you want to use a different Scaleway-managed certificate you can delete the device and create a new one using the same device name.


For a custom device certificate to be valid, it must be unique across all your Hubs.

When using a custom device certificate, the device must present the certificate as provided during the certificate replacement.

Switching to a custom device certificate allows for greater flexibility through:

  • different key sizes & algorithms.
  • different timeframe validity.
  • your own personal private key not to be shared on the Internet.
  1. Click IoT Hub in the Managed Services section of the side menu. The list of your IoT Hubs displays.

  2. Click the name of the IoT Hub on which the targeted device is attached. The hub overview page displays.

  3. Click the Devices tab of your hub. A list of your devices displays.

  4. Click the name of the device for which you want to provide a custom certificate.

  5. Scroll to the Replace Certificate section of the page. Then click Replace Device Certificate.

  6. Click Upload to select your Device certificate pem file.

  7. Click Replace Device Certificate to complete the replacement.

    You can now set up your device and use the certificate.

See Also