IoT / Client / create_keys_and_certificate

create_keys_and_certificate

IoT.Client.create_keys_and_certificate(**kwargs)

Creates a 2048-bit RSA key pair and issues an X.509 certificate using the issued public key. You can also call CreateKeysAndCertificate over MQTT from a device, for more information, see Provisioning MQTT API.

Note This is the only time IoT issues the private key for this certificate, so it is important to keep it in a secure location.

Requires permission to access the CreateKeysAndCertificate action.

See also: AWS API Documentation

Request Syntax

response = client.create_keys_and_certificate(
    setAsActive=True|False
)

Parameters:

setAsActive (boolean) – Specifies whether the certificate is active.

Return type:

dict

Returns:

Response Syntax

{
    'certificateArn': 'string',
    'certificateId': 'string',
    'certificatePem': 'string',
    'keyPair': {
        'PublicKey': 'string',
        'PrivateKey': 'string'
    }
}

Response Structure

• (dict) –

  The output of the CreateKeysAndCertificate operation.

  • certificateArn (string) –

    The ARN of the certificate.

  • certificateId (string) –

    The ID of the certificate. IoT issues a default subject name for the certificate (for example, IoT Certificate).

  • certificatePem (string) –

    The certificate data, in PEM format.

  • keyPair (dict) –

    The generated key pair.

    • PublicKey (string) –

      The public key.

    • PrivateKey (string) –

      The private key.

Exceptions

• IoT.Client.exceptions.InvalidRequestException

• IoT.Client.exceptions.ThrottlingException

• IoT.Client.exceptions.UnauthorizedException

• IoT.Client.exceptions.ServiceUnavailableException

• IoT.Client.exceptions.InternalFailureException