Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- PS C:\ncs\v2.6.0\nrf\scripts> python cert_tool.py root_ca
- ca/root-ca-key.pem generated successfully!
- C:\ncs\v2.6.0\nrf\scripts\cert_tool.py:184: DeprecationWarning: datetime.datetime.utcnow() is deprecated and scheduled for removal in a future version. Use timezone-aware objects to represent datetimes in UTC: datetime.datetime.now(datetime.UTC).
- .not_valid_before(datetime.datetime.utcnow())
- C:\ncs\v2.6.0\nrf\scripts\cert_tool.py:185: DeprecationWarning: datetime.datetime.utcnow() is deprecated and scheduled for removal in a future version. Use timezone-aware objects to represent datetimes in UTC: datetime.datetime.now(datetime.UTC).
- .not_valid_after(datetime.datetime.utcnow() + datetime.timedelta(days=365))
- WARNING: This certificate is for testing purposes only and should not be used in production.
- Certificate saved as ca/root-ca-cert.pem
- PS C:\ncs\v2.6.0\nrf\scripts> python cert_tool.py sub_ca
- ca/sub-ca-key.pem generated successfully!
- C:\ncs\v2.6.0\nrf\scripts\cert_tool.py:184: DeprecationWarning: datetime.datetime.utcnow() is deprecated and scheduled for removal in a future version. Use timezone-aware objects to represent datetimes in UTC: datetime.datetime.now(datetime.UTC).
- .not_valid_before(datetime.datetime.utcnow())
- C:\ncs\v2.6.0\nrf\scripts\cert_tool.py:185: DeprecationWarning: datetime.datetime.utcnow() is deprecated and scheduled for removal in a future version. Use timezone-aware objects to represent datetimes in UTC: datetime.datetime.now(datetime.UTC).
- .not_valid_after(datetime.datetime.utcnow() + datetime.timedelta(days=365))
- WARNING: This certificate is for testing purposes only and should not be used in production.
- Certificate saved as ca/sub-ca-cert.pem
- PS C:\ncs\v2.6.0\nrf\scripts> az iot hub certificate create --hub-name IotHub003 --name test_root_cert --path ca/root-ca-cert.pem
- {
- "etag": "IjUxMDUzZjIzLTAwMDAtMDEwMC0wMDAwLTY2M2I1ZmQ2MDAwMCI=",
- "id": "/subscriptions/de121bc4-c0c4-4267-af61-9f5f6cf6c79e/resourceGroups/Dev/providers/Microsoft.Devices/IotHubs/IotHub003/certificates/test_root_cert",
- "name": "test_root_cert",
- "properties": {
- "certificate": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUIwRENDQVhlZ0F3SUJBZ0lVS1QvMW56elRqZFBvS0VCQjd1S2tvcTJod25jd0NnWUlLb1pJemowRUF3SXcKWGpFTE1Ba0dBMVVFQmhNQ1ZWTXhEVEFMQmdOVkJBZ01CRlJsYzNReERUQUxCZ05WQkFjTUJGUmxjM1F4R2pBWQpCZ05WQkFvTUVWUmxjM1FnVDNKbllXNXBlbUYwYVc5dU1SVXdFd1lEVlFRRERBeFVaWE4wSUZKdmIzUWdRMEV3CkhoY05NalF3TlRBNE1URXhPVEF6V2hjTk1qVXdOVEE0TVRFeE9UQXpXakJlTVFzd0NRWURWUVFHRXdKVlV6RU4KTUFzR0ExVUVDQXdFVkdWemRERU5NQXNHQTFVRUJ3d0VWR1Z6ZERFYU1CZ0dBMVVFQ2d3UlZHVnpkQ0JQY21kaApibWw2WVhScGIyNHhGVEFUQmdOVkJBTU1ERlJsYzNRZ1VtOXZkQ0JEUVRCWk1CTUdCeXFHU000OUFnRUdDQ3FHClNNNDlBd0VIQTBJQUJHMlZrNG9LUk0rQWI4ajcrSy9hOTlBVDNUc2VaQ1R6bmpVV1BnZTZwTXFNcmYzTEJadkIKR1dqc2t2bkVWYldmZVl5d1JMSnpBdE5CRWN1bVBYVWc0RldqRXpBUk1BOEdBMVVkRXdFQi93UUZNQU1CQWY4dwpDZ1lJS29aSXpqMEVBd0lEUndBd1JBSWdGZzJxanBRNms0ZUgyb0lVVklTMUNUUFBJaG4xdDdqOEpVaUxjcng5Cm1lZ0NJRG5UTHl6R1FqaHNoYXVMWkxzbkEyV3FEd0FLYzFLam95dlkwRStGb251KwotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==",
- "created": "2024-05-08T11:19:50+00:00",
- "expiry": "2025-05-08T11:19:03+00:00",
- "isVerified": false,
- "subject": "Test Root CA",
- "thumbprint": "8206C809EC89C9E03227B0F5C425AFD6E99645AB",
- "updated": "2024-05-08T11:19:50+00:00"
- },
- "resourceGroup": "Dev",
- "type": "Microsoft.Devices/IotHubs/Certificates"
- }
- PS C:\ncs\v2.6.0\nrf\scripts> az iot hub certificate generate-verification-code --hub-name IotHub003 --name test_root_cert --etag "IjUxMDUzZjIzLTAwMDAtMDEwMC0wMDAwLTY2M2I1ZmQ2MDAwMCI="
- {
- "etag": "IjUxMDU0NzJmLTAwMDAtMDEwMC0wMDAwLTY2M2I1ZmY1MDAwMCI=",
- "id": "/subscriptions/de121bc4-c0c4-4267-af61-9f5f6cf6c79e/resourceGroups/Dev/providers/Microsoft.Devices/IotHubs/IotHub003/certificates/test_root_cert",
- "name": "test_root_cert",
- "properties": {
- "certificate": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUIwRENDQVhlZ0F3SUJBZ0lVS1QvMW56elRqZFBvS0VCQjd1S2tvcTJod25jd0NnWUlLb1pJemowRUF3SXcKWGpFTE1Ba0dBMVVFQmhNQ1ZWTXhEVEFMQmdOVkJBZ01CRlJsYzNReERUQUxCZ05WQkFjTUJGUmxjM1F4R2pBWQpCZ05WQkFvTUVWUmxjM1FnVDNKbllXNXBlbUYwYVc5dU1SVXdFd1lEVlFRRERBeFVaWE4wSUZKdmIzUWdRMEV3CkhoY05NalF3TlRBNE1URXhPVEF6V2hjTk1qVXdOVEE0TVRFeE9UQXpXakJlTVFzd0NRWURWUVFHRXdKVlV6RU4KTUFzR0ExVUVDQXdFVkdWemRERU5NQXNHQTFVRUJ3d0VWR1Z6ZERFYU1CZ0dBMVVFQ2d3UlZHVnpkQ0JQY21kaApibWw2WVhScGIyNHhGVEFUQmdOVkJBTU1ERlJsYzNRZ1VtOXZkQ0JEUVRCWk1CTUdCeXFHU000OUFnRUdDQ3FHClNNNDlBd0VIQTBJQUJHMlZrNG9LUk0rQWI4ajcrSy9hOTlBVDNUc2VaQ1R6bmpVV1BnZTZwTXFNcmYzTEJadkIKR1dqc2t2bkVWYldmZVl5d1JMSnpBdE5CRWN1bVBYVWc0RldqRXpBUk1BOEdBMVVkRXdFQi93UUZNQU1CQWY4dwpDZ1lJS29aSXpqMEVBd0lEUndBd1JBSWdGZzJxanBRNms0ZUgyb0lVVklTMUNUUFBJaG4xdDdqOEpVaUxjcng5Cm1lZ0NJRG5UTHl6R1FqaHNoYXVMWkxzbkEyV3FEd0FLYzFLam95dlkwRStGb251KwotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==",
- "created": "2024-05-08T11:19:50+00:00",
- "expiry": "2025-05-08T11:19:03+00:00",
- "isVerified": false,
- "subject": "Test Root CA",
- "thumbprint": "8206C809EC89C9E03227B0F5C425AFD6E99645AB",
- "updated": "2024-05-08T11:20:21+00:00",
- "verificationCode": "56B9A3676CEDA3949119D5D6789F5AE983CE2266415A9468"
- },
- "resourceGroup": "Dev",
- "type": "Microsoft.Devices/IotHubs/Certificates"
- }
- PS C:\ncs\v2.6.0\nrf\scripts> python cert_tool.py client_key
- certs/private-key.pem generated successfully!
- PS C:\ncs\v2.6.0\nrf\scripts> cert_tool.py csr --common-name 56B9A3676CEDA3949119D5D6789F5AE983CE2266415A9468
- cert_tool.py : The term 'cert_tool.py' is not recognized as the name of a cmdlet, function, script file, or operable program. Check
- the spelling of the name, or if a path was included, verify that the path is correct and try again.
- At line:1 char:1
- + cert_tool.py csr --common-name 56B9A3676CEDA3949119D5D6789F5AE983CE22 ...
- + ~~~~~~~~~~~~
- + CategoryInfo : ObjectNotFound: (cert_tool.py:String) [], CommandNotFoundException
- + FullyQualifiedErrorId : CommandNotFoundException
- Suggestion [3,General]: The command cert_tool.py was not found, but does exist in the current location. Windows PowerShell does not load commands from the current location by default. If you trust this command, instead type: ".\cert_tool.py". See "get-help about_Command_Precedence" for more details.
- PS C:\ncs\v2.6.0\nrf\scripts> python cert_tool.py csr --common-name 56B9A3676CEDA3949119D5D6789F5AE983CE2266415A9468
- CSR saved as certs/client-csr.pem
- PS C:\ncs\v2.6.0\nrf\scripts> python cert_tool.py sign_root
- Signing certificate with CN: 56B9A3676CEDA3949119D5D6789F5AE983CE2266415A9468
- C:\ncs\v2.6.0\nrf\scripts\cert_tool.py:323: DeprecationWarning: datetime.datetime.utcnow() is deprecated and scheduled for removal in a future version. Use timezone-aware objects to represent datetimes in UTC: datetime.datetime.now(datetime.UTC).
- .not_valid_before(datetime.datetime.utcnow())
- C:\ncs\v2.6.0\nrf\scripts\cert_tool.py:324: DeprecationWarning: datetime.datetime.utcnow() is deprecated and scheduled for removal in a future version. Use timezone-aware objects to represent datetimes in UTC: datetime.datetime.now(datetime.UTC).
- .not_valid_after(datetime.datetime.utcnow() + datetime.timedelta(days=365))
- Signed client certificate saved as certs/client-cert.pem
- PS C:\ncs\v2.6.0\nrf\scripts> az iot hub certificate verify --hub-name IotHub003 --name test_root_cert --etag "IjUxMDU0NzJmLTAwMDAtMDEwMC0wMDAwLTY2M2I1ZmY1MDAwMCI="
- the following arguments are required: --path/-p
- Examples from AI knowledge base:
- az iot hub certificate verify --hub-name MyIotHub --name MyCertificate --path /certificates/Verification.pem --etag AAAAAAAAAAA=
- Verifies ownership of the MyCertificate private key.
- az iot hub certificate verify --etag AAAAAAAAAAA= --hub-name MyIotHub --name MyCertificate --path /certificates/Verification.pem --resource-group MyResourceGroup --subscription MySubscription
- Verifies an Azure IoT Hub certificate (autogenerated)
- https://aka.ms/cli_ref
- Read more about the command in reference docs
- PS C:\ncs\v2.6.0\nrf\scripts> az iot hub certificate verify --hub-name IotHub003 --name test_root_cert --etag "IjUxMDU0NzJmLTAwMDAtMDEwMC0wMDAwLTY2M2I1ZmY1MDAwMCI=" --path certs/client-cert.pem
- {
- "etag": "IjUxMDVkZjU5LTAwMDAtMDEwMC0wMDAwLTY2M2I2MDZkMDAwMCI=",
- "id": "/subscriptions/de121bc4-c0c4-4267-af61-9f5f6cf6c79e/resourceGroups/Dev/providers/Microsoft.Devices/IotHubs/IotHub003/certificates/test_root_cert",
- "name": "test_root_cert",
- "properties": {
- "certificate": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUIwRENDQVhlZ0F3SUJBZ0lVS1QvMW56elRqZFBvS0VCQjd1S2tvcTJod25jd0NnWUlLb1pJemowRUF3SXcKWGpFTE1Ba0dBMVVFQmhNQ1ZWTXhEVEFMQmdOVkJBZ01CRlJsYzNReERUQUxCZ05WQkFjTUJGUmxjM1F4R2pBWQpCZ05WQkFvTUVWUmxjM1FnVDNKbllXNXBlbUYwYVc5dU1SVXdFd1lEVlFRRERBeFVaWE4wSUZKdmIzUWdRMEV3CkhoY05NalF3TlRBNE1URXhPVEF6V2hjTk1qVXdOVEE0TVRFeE9UQXpXakJlTVFzd0NRWURWUVFHRXdKVlV6RU4KTUFzR0ExVUVDQXdFVkdWemRERU5NQXNHQTFVRUJ3d0VWR1Z6ZERFYU1CZ0dBMVVFQ2d3UlZHVnpkQ0JQY21kaApibWw2WVhScGIyNHhGVEFUQmdOVkJBTU1ERlJsYzNRZ1VtOXZkQ0JEUVRCWk1CTUdCeXFHU000OUFnRUdDQ3FHClNNNDlBd0VIQTBJQUJHMlZrNG9LUk0rQWI4ajcrSy9hOTlBVDNUc2VaQ1R6bmpVV1BnZTZwTXFNcmYzTEJadkIKR1dqc2t2bkVWYldmZVl5d1JMSnpBdE5CRWN1bVBYVWc0RldqRXpBUk1BOEdBMVVkRXdFQi93UUZNQU1CQWY4dwpDZ1lJS29aSXpqMEVBd0lEUndBd1JBSWdGZzJxanBRNms0ZUgyb0lVVklTMUNUUFBJaG4xdDdqOEpVaUxjcng5Cm1lZ0NJRG5UTHl6R1FqaHNoYXVMWkxzbkEyV3FEd0FLYzFLam95dlkwRStGb251KwotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==",
- "created": "2024-05-08T11:19:50+00:00",
- "expiry": "2025-05-08T11:19:03+00:00",
- "isVerified": true,
- "subject": "Test Root CA",
- "thumbprint": "8206C809EC89C9E03227B0F5C425AFD6E99645AB",
- "updated": "2024-05-08T11:22:21+00:00"
- },
- "resourceGroup": "Dev",
- "type": "Microsoft.Devices/IotHubs/Certificates"
- }
- PS C:\ncs\v2.6.0\nrf\scripts> nrfcredstore COM3 list
- Secure tag Key type SHA
- 100 ROOT_CA_CERT 616552BECF388A41B4CF611E19FA29202727801223A49EAAA3B2B870C197E0A8
- 955 ROOT_CA_CERT 02D55E6202B89C1060482D1235CF20F1CF52315B6A91027C89CF530B253CA15C
- 16842753 ROOT_CA_CERT 0E0A61E2E78D28EEA66B15A9B10C1F4E5E8AD379FEA9131D02EC4A2473F9AB9C
- 16842753 CLIENT_CERT C72403A1C8324338F760D84258CED44CF1C0ECD1D1B302BEE72FFDFCBE68BAF6
- 16842753 CLIENT_KEY 43455481E49EC20447B4A49AA774ABDC40064FE0B8E7B96C95BABCBE12339677
- 4294967293 NORDIC_ID_ROOT_CA 2C43952EE9E000FF2ACC4E2ED0897C0A72AD5FA72C3D934E81741CBD54F05BD1
- 4294967294 DEV_ID_PUB_KEY 690E95A9C1A6EE57F3A2DBE2F4F4E7A8A32B98386AAA5ABD688C8B6132AC8A66
- 4294967292 NORDIC_PUB_KEY 2027C4699EAA90A414D33FA81B975C0FDEDEFB04A19CEA1ED43A8876CAD31E89
- PS C:\ncs\v2.6.0\nrf\scripts> nrfcredstore COM3 generate 10 certs/client-csr.der
- New private key generated in secure tag 10
- Wrote CSR in DER format to certs/client-csr.der
- PS C:\ncs\v2.6.0\nrf\scripts> openssl req -inform DER -in certs/client-csr.der -outform PEM -out certs/client-csr.pem
- PS C:\ncs\v2.6.0\nrf\scripts> python cert_tool.py sign
- Signing certificate with CN: 504b4230-3230-4bf4-8073-0f1bd109e9e0
- C:\ncs\v2.6.0\nrf\scripts\cert_tool.py:323: DeprecationWarning: datetime.datetime.utcnow() is deprecated and scheduled for removal in a future version. Use timezone-aware objects to represent datetimes in UTC: datetime.datetime.now(datetime.UTC).
- .not_valid_before(datetime.datetime.utcnow())
- C:\ncs\v2.6.0\nrf\scripts\cert_tool.py:324: DeprecationWarning: datetime.datetime.utcnow() is deprecated and scheduled for removal in a future version. Use timezone-aware objects to represent datetimes in UTC: datetime.datetime.now(datetime.UTC).
- .not_valid_after(datetime.datetime.utcnow() + datetime.timedelta(days=365))
- Signed client certificate saved as certs/client-cert.pem
- PS C:\ncs\v2.6.0\nrf\scripts> nrfcredstore COM3 write 10 CLIENT_CERT certs/client-cert.pem
- PS C:\ncs\v2.6.0\nrf\scripts> az iot hub device-identity create -n IotHub003 -d 504b4230-3230-4bf4-8073-0f1bd109e9e0 --am x509_ca
- {
- "authentication": {
- "symmetricKey": {
- "primaryKey": null,
- "secondaryKey": null
- },
- "type": "certificateAuthority",
- "x509Thumbprint": {
- "primaryThumbprint": null,
- "secondaryThumbprint": null
- }
- },
- "capabilities": {
- "iotEdge": false
- },
- "cloudToDeviceMessageCount": 0,
- "connectionState": "Disconnected",
- "connectionStateUpdatedTime": "0001-01-01T00:00:00+00:00",
- "deviceId": "504b4230-3230-4bf4-8073-0f1bd109e9e0",
- "deviceScope": null,
- "etag": "MzM5NzEzNjkw",
- "generationId": "638507642634120452",
- "lastActivityTime": "0001-01-01T00:00:00+00:00",
- "parentScopes": null,
- "status": "enabled",
- "statusReason": null,
- "statusUpdatedTime": "0001-01-01T00:00:00+00:00"
- }
- PS C:\ncs\v2.6.0\nrf\scripts> nrfcredstore COM3 list
- Secure tag Key type SHA
- 10 CLIENT_CERT 1BCDA20359A508462C65B78A825F8CD236FFC4C90750AE5198A4F36D8911E79F
- 10 CLIENT_KEY 06C66275511FC749F0B54AB2E27BA71580C6AF72031DA5A3C03B357C02809BBE
- 100 ROOT_CA_CERT 616552BECF388A41B4CF611E19FA29202727801223A49EAAA3B2B870C197E0A8
- 955 ROOT_CA_CERT 02D55E6202B89C1060482D1235CF20F1CF52315B6A91027C89CF530B253CA15C
- 16842753 ROOT_CA_CERT 0E0A61E2E78D28EEA66B15A9B10C1F4E5E8AD379FEA9131D02EC4A2473F9AB9C
- 16842753 CLIENT_CERT C72403A1C8324338F760D84258CED44CF1C0ECD1D1B302BEE72FFDFCBE68BAF6
- 16842753 CLIENT_KEY 43455481E49EC20447B4A49AA774ABDC40064FE0B8E7B96C95BABCBE12339677
- 4294967293 NORDIC_ID_ROOT_CA 2C43952EE9E000FF2ACC4E2ED0897C0A72AD5FA72C3D934E81741CBD54F05BD1
- 4294967294 DEV_ID_PUB_KEY 690E95A9C1A6EE57F3A2DBE2F4F4E7A8A32B98386AAA5ABD688C8B6132AC8A66
- 4294967292 NORDIC_PUB_KEY 2027C4699EAA90A414D33FA81B975C0FDEDEFB04A19CEA1ED43A8876CAD31E89
- PS C:\ncs\v2.6.0\nrf\scripts> nrfcredstore COM3 write 10 ROOT_CA_CERT .\DigiCertGlobalRootG2.crt.pem
- PS C:\ncs\v2.6.0\nrf\scripts> nrfcredstore COM3 write 11 ROOT_CA_CERT .\BaltimoreCyberTrustRoot.crt.pem
- PS C:\ncs\v2.6.0\nrf\scripts> nrfcredstore COM3 list
- Secure tag Key type SHA
- 10 ROOT_CA_CERT 531686021C0FA28F91E3A1F106E7B5A8B889C254020AAFBDFD32C95DE350CE13
- 10 CLIENT_CERT 1BCDA20359A508462C65B78A825F8CD236FFC4C90750AE5198A4F36D8911E79F
- 10 CLIENT_KEY 06C66275511FC749F0B54AB2E27BA71580C6AF72031DA5A3C03B357C02809BBE
- 11 ROOT_CA_CERT 371DE629C252EBED6085B27491EBC43EBC295EE1EEEBB68FDBCE3010B133DBC1
- 100 ROOT_CA_CERT 616552BECF388A41B4CF611E19FA29202727801223A49EAAA3B2B870C197E0A8
- 955 ROOT_CA_CERT 02D55E6202B89C1060482D1235CF20F1CF52315B6A91027C89CF530B253CA15C
- 16842753 ROOT_CA_CERT 0E0A61E2E78D28EEA66B15A9B10C1F4E5E8AD379FEA9131D02EC4A2473F9AB9C
- 16842753 CLIENT_CERT C72403A1C8324338F760D84258CED44CF1C0ECD1D1B302BEE72FFDFCBE68BAF6
- 16842753 CLIENT_KEY 43455481E49EC20447B4A49AA774ABDC40064FE0B8E7B96C95BABCBE12339677
- 4294967293 NORDIC_ID_ROOT_CA 2C43952EE9E000FF2ACC4E2ED0897C0A72AD5FA72C3D934E81741CBD54F05BD1
- 4294967294 DEV_ID_PUB_KEY 690E95A9C1A6EE57F3A2DBE2F4F4E7A8A32B98386AAA5ABD688C8B6132AC8A66
- 4294967292 NORDIC_PUB_KEY 2027C4699EAA90A414D33FA81B975C0FDEDEFB04A19CEA1ED43A8876CAD31E89
- PS C:\ncs\v2.6.0\nrf\scripts>
Add Comment
Please, Sign In to add comment