Setting up client certificate authentication

AWS and GCP devices use client certificate authentication to encrypt communication and authenticate the broker to the client. AWS IoT requires the MQTT client to register with AWS IoT, which generates a client certificate. GCP devices use RSA keys. This procedure documents how to import your client certificate into the User Key Store after you acquire it.
Prerequisites: You are working in Workbench running on a PC and are connected to a controller station.
  1. Using a secure channel, download the certificate from the AWS IoT portal or Google Cloud Platform to your PC.
     CAUTION: Always share certificates over a secure channel. 
  2. Working in the station, expand Config > Services > PlatformServices and double-click CertManagerService.
    The Certificate Management view opens.

    This same view is available by expanding Platform and double-clicking Certificate Management.

  3. At the bottom of the view, click the Import button and navigate to where you saved the certificate.
  4. After selecting the certificate, click Open.
    The next step associates this certificate with the device.
  5. Expand Config > Drivers > AbstractMqttDriverNetwork.
  6. Do one of the following:
    • If you are using the AWS IoT cloud, expand AwsMqttDevice and double-click authenticator.
    • If you are using the Google Cloud Platform, expand GcpMqttDevice > authenticator and double-click Token Parameters.
  7. To select the client certificate, use the Certificate Alias drop-down list.
You are ready to connect your client to the broker.