IoT / Client / create_keys_and_certificate

create_keys_and_certificate#

IoT.Client.create_keys_and_certificate(**kwargs)#

Creates a 2048-bit RSA key pair and issues an X.509 certificate using the issued public key. You can also call CreateKeysAndCertificate over MQTT from a device, for more information, see Provisioning MQTT API.

Note This is the only time IoT issues the private key for this certificate, so it is important to keep it in a secure location.

Requires permission to access the CreateKeysAndCertificate action.

See also: AWS API Documentation

Request Syntax

response = client.create_keys_and_certificate(
    setAsActive=True|False
)
Parameters:

setAsActive (boolean) – Specifies whether the certificate is active.

Return type:

dict

Returns:

Response Syntax

{
    'certificateArn': 'string',
    'certificateId': 'string',
    'certificatePem': 'string',
    'keyPair': {
        'PublicKey': 'string',
        'PrivateKey': 'string'
    }
}

Response Structure

  • (dict) –

    The output of the CreateKeysAndCertificate operation.

    • certificateArn (string) –

      The ARN of the certificate.

    • certificateId (string) –

      The ID of the certificate. IoT issues a default subject name for the certificate (for example, IoT Certificate).

    • certificatePem (string) –

      The certificate data, in PEM format.

    • keyPair (dict) –

      The generated key pair.

      • PublicKey (string) –

        The public key.

      • PrivateKey (string) –

        The private key.

Exceptions

  • IoT.Client.exceptions.InvalidRequestException

  • IoT.Client.exceptions.ThrottlingException

  • IoT.Client.exceptions.UnauthorizedException

  • IoT.Client.exceptions.ServiceUnavailableException

  • IoT.Client.exceptions.InternalFailureException