How to provide your own device certificate
At Scaleway, a certificate is automatically created and attached to a device upon creation, if you have not previously set up your own Certificate Authority. You also have the option of setting up a specific certificate for your device.
You may need certain IAM permissions to carry out some actions described on this page. This means:
- you are the Owner of the Scaleway Organization in which the actions will be carried out, or
- you are an IAM user of the Organization, with a policy granting you the necessary permission sets
If you choose to replace the certificate, the previous one will be deleted and cannot be recovered. If you want to use a different Scaleway-managed certificate you can delete the device and create a new one using the same device name.
- You have an account and are logged into the Scaleway console
- You have created an IoT Hub
- You have added a device to this Hub
For a custom device certificate to be valid, it must be unique across all your Hubs.
When using a custom device certificate, the device must present the certificate as provided during the certificate replacement.
Switching to a custom device certificate allows for greater flexibility through:
- different key sizes & algorithms.
- different timeframe validity.
- your own personal private key not to be shared on the Internet.
-
Click IoT Hub in the Managed Services section of the side menu. The list of your IoT Hubs displays.
-
Click the name of the IoT Hub on which the targeted device is attached. The hub overview page displays.
-
Click the Devices tab of your hub. A list of your devices displays.
-
Click the name of the device for which you want to provide a custom certificate.
-
Scroll to the Replace Certificate section of the page. Then click Replace Device Certificate.
-
Click Upload to select your Device certificate
pemfile. -
Click Replace Device Certificate to complete the replacement.
You can now set up your device and use the certificate.