How to set AWS IoT certificates in runtime

Question

Hi team, 
 
 I am building AWS IoT client based on NRF52833 + Ethernet Controller. 
 I have done connecting and subscribing/publishing to AWS IoT broker successfully, and now I am trying to find a way for provisioning each device properly. 
 In AWS IoT library, AWS IoT certificates are statically built into application binary, and seems there is no consideration for runtime changing or reading from NV, etc. 
 
 How can I change device certificates for AWS IoT client in runtime? 
 Is there any proper mechanism for this? 
 
 And, Is there any plan for supporting AWS IoT Fleet Provisioning (Online Provisioning) in future nRFConnect SDK?

Susheel Nuguru · Accepted Answer

My Colleague who have some experience in this thinks it can be done. Suggestion from him is below . 
 " 
 Okay, so the library can actually handle the loading of the credentials for you. As you have already found out, it does that by writing the contents of some buffers it assumes exists in aws-certs.h (you can change the name of the file with a Kconfig option). So the user can define those buffers in a way that makes the application capable of changing their contents. The content of the buffers are loaded each time the application calls aws_iot_connect() 
 The other option is what I thought you had to do, which is to load the credentials yourself (in the application), before you call aws_iot_connect(). This approach gives more flexibility, but you will have to do all the credential handling yourself 
 "

How to set AWS IoT certificates in runtime

Top Replies