create_keys_and_certificate

create_keys_and_certificate(**kwargs)

Creates a 2048-bit RSA key pair and issues an X.509 certificate using the issued public key. You can also call CreateKeysAndCertificate over MQTT from a device, for more information, see Provisioning MQTT API.

Note This is the only time IoT issues the private key for this certificate, so it is important to keep it in a secure location.

Requires permission to access the CreateKeysAndCertificate action.

See also: AWS API Documentation

Request Syntax

response = client.create_keys_and_certificate(
    setAsActive=True|False
)
Parameters
setAsActive (boolean) -- Specifies whether the certificate is active.
Return type
dict
Returns
Response Syntax
{
    'certificateArn': 'string',
    'certificateId': 'string',
    'certificatePem': 'string',
    'keyPair': {
        'PublicKey': 'string',
        'PrivateKey': 'string'
    }
}

Response Structure

  • (dict) --

    The output of the CreateKeysAndCertificate operation.

    • certificateArn (string) --

      The ARN of the certificate.

    • certificateId (string) --

      The ID of the certificate. IoT issues a default subject name for the certificate (for example, IoT Certificate).

    • certificatePem (string) --

      The certificate data, in PEM format.

    • keyPair (dict) --

      The generated key pair.

      • PublicKey (string) --

        The public key.

      • PrivateKey (string) --

        The private key.

Exceptions

  • IoT.Client.exceptions.InvalidRequestException
  • IoT.Client.exceptions.ThrottlingException
  • IoT.Client.exceptions.UnauthorizedException
  • IoT.Client.exceptions.ServiceUnavailableException
  • IoT.Client.exceptions.InternalFailureException