Skip to content

Managing CA Certificates

Overview

MQTT agents which want to interact with your MindSphere tenant need to authenticate themselves by a unique certificate identity.

You can upload up to two X.509 based public certificates to MindSphere. The MQTT agent needs to authenticate with an agent certificate.

Prerequisites

Registring CA Certificate

  1. Login to your MindSphere tenant.

    Info

    The Native MQTT API Services are currently available in regions EU1 and EU2.

  2. Launch the "Asset Manager" application from the Launchpad.

    image1

  3. Go to "Manage MQTT Certificates" under "Connectivity".

    image2

  4. Click "Upload Certificate".

    image3

  5. Upload Public Certificate.

    image4

    • Provide a name for your CA certificate.

      image5

    • Obtain a CA certificate and upload it. The CA certificate can also be self-signed. To create a self-signed CA certificate, the steps are provided within the user interface. Click on the (?) symbol to see the details of the steps. Each line indicates a command to be executed in the sequence desired. Copy the step and paste it into a terminal and provide appropriate information by replacing β€œ with an appropriate value. For example, set TENANT=” should result into, set TENANT=tenantName. Alternatively, this can be copied into a file and executed sequentially.

      image6

    • After the second step, your registration code will be generated automatically. Note that, you may have to wait for a few seconds for the code to be generated. This code is required for creating a verification certificate.

      image7

    • Generate a verification certificate based on your CA certificate and the Registration Code and upload it. Click on the (?) symbol to see the details of the steps to create a verification certificate. Execute these steps as you have done earlier.

      image8

  6. If the uploaded verification certificate is correct, the certificate upload process is completed. Next, you can start issuing device certificates. CA Certificate is listed in "Own certificates".

    image9

Any questions left?

Ask the community


Except where otherwise noted, content on this site is licensed under the MindSphere Development License Agreement.


Last update: December 22, 2021