Google Git
Sign in
coral / a71ch-crypto-support / 8dc1f1434da50a4b7361d651239c1f3f4f8cc25b / . / doc / demos / eou_config_aws.html
blob: 593860ee2bd5bc16e1f6571aca19bd2504e1aeaf [file] [log] [blame]
<!DOCTYPE html>
<!--
Copyright 2019 NXP
This software is owned or controlled by NXP and may only be used
strictly in accordance with the applicable license terms. By expressly
accepting such terms or by downloading, installing, activating and/or
otherwise using the software, you are agreeing that you have read, and
that you agree to comply with and are bound by, such license terms. If
you do not agree to be bound by the applicable license terms, then you
may not retain, install, activate or otherwise use the software.
-->
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8" />
<title>5.11.4. Ease of Use configuration - AWS IoT Console &#8212; Plug &amp; Trust MW v03.00.05 documentation</title>
<link rel="stylesheet" href="../_static/bootstrap-sphinx.css" type="text/css" />
<link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
<link rel="stylesheet" type="text/css" href="../_static/graphviz.css" />
<script id="documentation_options" data-url_root="../" src="../_static/documentation_options.js"></script>
<script src="../_static/jquery.js"></script>
<script src="../_static/underscore.js"></script>
<script src="../_static/doctools.js"></script>
<script src="../_static/language_data.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="next" title="5.12.1. SEMS Lite Agent Demo (sems_lite_ex_update)" href="../semslite/ex/sems_lite_ex_update/readme.html" />
<link rel="prev" title="5.11.3. Ease of Use configuration - Azure IoT Hub" href="eou_config_azure.html" />
<meta charset='utf-8'>
<meta http-equiv='X-UA-Compatible' content='IE=edge,chrome=1'>
<meta name='viewport' content='width=device-width, initial-scale=1.0, maximum-scale=1'>
<meta name="apple-mobile-web-app-capable" content="yes">
<script type="text/javascript" src="../_static/js/jquery-1.11.0.min.js "></script>
<script type="text/javascript" src="../_static/js/jquery-fix.js "></script>
<script type="text/javascript" src="../_static/bootstrap-3.3.7/js/bootstrap.min.js "></script>
<script type="text/javascript" src="../_static/bootstrap-sphinx.js "></script>
</head><body>
<div id="navbar" class="navbar navbar-inverse navbar-default navbar-fixed-top">
<div class="container">
<div class="navbar-header">
<!-- .btn-navbar is used as the toggle for collapsed navbar content -->
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="../toc.html"><span><img src="../_static/NXP_logo_JPG.jpg"></span>
MW</a>
<span class="navbar-text navbar-version pull-left"><b>v03.00.05</b></span>
</div>
<div class="collapse navbar-collapse nav-collapse">
<ul class="nav navbar-nav">
<li class="dropdown globaltoc-container">
<a role="button"
id="dLabelGlobalToc"
data-toggle="dropdown"
data-target="#"
href="../toc.html">TOC <b class="caret"></b></a>
<ul class="dropdown-menu globaltoc"
role="menu"
aria-labelledby="dLabelGlobalToc"><ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../index.html">1. NXP Plug &amp; Trust Middleware</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../organization-of-documentation.html">1.1. Organization of Documentation</a></li>
<li class="toctree-l2"><a class="reference internal" href="../folder-structure.html">1.2. Folder Structure</a></li>
<li class="toctree-l2"><a class="reference internal" href="../sw-prerequisites.html">1.3. List of Platform Prerequisites</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../changes/index.html">2. Changes</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../changes/pending.html">2.1. Pending Refactoring items</a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/pending.html#known-limitations">2.2. Known limitations</a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v03_00_05.html">2.3. Release <code class="docutils literal notranslate"><span class="pre">v03.00.05</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v03_00_04.html">2.4. Release <code class="docutils literal notranslate"><span class="pre">v03.00.04</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v03_00_03.html">2.5. Release <code class="docutils literal notranslate"><span class="pre">v03.00.03</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v03_00_02.html">2.6. Release <code class="docutils literal notranslate"><span class="pre">v03.00.02</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_16_01.html">2.7. Release <code class="docutils literal notranslate"><span class="pre">v02.16.01</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_16_00.html">2.8. Release <code class="docutils literal notranslate"><span class="pre">v02.16.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_15_00.html">2.9. Release <code class="docutils literal notranslate"><span class="pre">v02.15.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_14_00.html">2.10. Release <code class="docutils literal notranslate"><span class="pre">v02.14.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_12_00.html">2.11. Release <code class="docutils literal notranslate"><span class="pre">v02.12.05</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_12_00.html#release-v02-12-04">2.12. Release <code class="docutils literal notranslate"><span class="pre">v02.12.04</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_12_00.html#release-v02-12-03">2.13. Release <code class="docutils literal notranslate"><span class="pre">v02.12.03</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_12_00.html#release-v02-12-02">2.14. Release <code class="docutils literal notranslate"><span class="pre">v02.12.02</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_12_00.html#release-v02-12-01">2.15. Release <code class="docutils literal notranslate"><span class="pre">v02.12.01</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_12_00.html#release-v02-12-00">2.16. Release <code class="docutils literal notranslate"><span class="pre">v02.12.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_11_03.html">2.17. Release <code class="docutils literal notranslate"><span class="pre">v02.11.03</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_11_01.html">2.18. Internal Release <code class="docutils literal notranslate"><span class="pre">v02.11.01</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_11_00.html">2.19. Release <code class="docutils literal notranslate"><span class="pre">v02.11.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_10_00.html">2.20. Release <code class="docutils literal notranslate"><span class="pre">v02.10.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_09_00.html">2.21. Release <code class="docutils literal notranslate"><span class="pre">v02.09.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_07_00.html">2.22. Release <code class="docutils literal notranslate"><span class="pre">v02.07.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_06_00.html">2.23. Release <code class="docutils literal notranslate"><span class="pre">v02.06.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_05_00_to_v02_03_00.html">2.24. Release <code class="docutils literal notranslate"><span class="pre">v02.05.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_05_00_to_v02_03_00.html#release-v02-04-00">2.25. Release <code class="docutils literal notranslate"><span class="pre">v02.04.00</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../changes/v02_05_00_to_v02_03_00.html#release-02-03-00">2.26. Release <code class="docutils literal notranslate"><span class="pre">02.03.00</span></code></a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../stack/index.html">3. Plug &amp; Trust MW Stack</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../stack/features.html">3.1. Features</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/features.html#plug-trust-mw-block-diagram">3.2. Plug &amp; Trust MW : Block Diagram</a></li>
<li class="toctree-l2"><a class="reference internal" href="../sss-apis.html">3.3. SSS APIs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/se05xfeatures.html">3.4. SSS APIs: SE051 vs SE050</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/param_checks.html">3.5. Parameter Check &amp; Conventions</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/i2cm.html">3.6. I2CM / Secure Sensor</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/logging.html">3.7. Logging</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/feature-file.html">3.8. Feature File - <code class="docutils literal notranslate"><span class="pre">fsl_sss_ftr.h</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/platf-scp-from-fs.html">3.9. Using Platform SCP Keys from File System</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/auth/auth-objects.html">3.10. Auth Objects</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/auth/auth-objects-userid.html">3.11. Auth Objects : UserID</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/auth/auth-objects-aeskey.html">3.12. Auth Objects : AESKey</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/auth/auth-objects-eckey.html">3.13. Auth Objects : ECKey</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/key-id-range.html">3.14. Key Id Range and Purpose</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/key-id-range.html#authentication-keys">3.15. Authentication Keys</a></li>
<li class="toctree-l2"><a class="reference internal" href="../stack/key-id-range.html#trust-provisioned-keyids">3.16. Trust provisioned KeyIDs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../sss/ex/doc/puf-scp03.html">3.17. SCP03 with PUF</a></li>
<li class="toctree-l2"><a class="reference internal" href="../sss/doc/sss_heap_management.html">3.18. SSS Heap Management</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../building/index.html">4. Building / Compiling</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../building/windows.html">4.1. Windows Build</a></li>
<li class="toctree-l2"><a class="reference internal" href="../building/frdm-k64f-sdk.html">4.2. Import MCUXPresso projects from SDK</a></li>
<li class="toctree-l2"><a class="reference internal" href="../building/frdm-k64f-cmake.html">4.3. Freedom K64F Build (CMake - Advanced)</a></li>
<li class="toctree-l2"><a class="reference internal" href="../building/imx6.html">4.4. i.MX Linux Build</a></li>
<li class="toctree-l2"><a class="reference internal" href="../building/rpi3.html">4.5. Raspberry Pi Build</a></li>
<li class="toctree-l2"><a class="reference internal" href="../building/cmake.html">4.6. CMake</a></li>
<li class="toctree-l2"><a class="reference internal" href="../scripts/cmake_options.html">4.7. CMake Options</a></li>
</ul>
</li>
<li class="toctree-l1 current"><a class="reference internal" href="index.html">5. Demo and Examples</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="index.html#demo-list">5.1. Demo List</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#sss-api-examples">5.2. SSS API Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#cloud-demos">5.3. Cloud Demos</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#linux-specific-demos">5.4. Linux Specific Demos</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#opc-ua-example">5.5. OPC-UA Example</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#arm-psa-example">5.6. ARM PSA Example</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#se05x-examples">5.7. SE05X Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#openssl-examples">5.8. OpenSSL Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#tests-for-user-crypto">5.9. Tests for User Crypto</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#nxpnfcrdlib-examples">5.10. NXPNFCRDLIB examples</a></li>
<li class="toctree-l2 current"><a class="reference internal" href="index.html#ease-of-use-examples">5.11. Ease-of-Use examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#semslite-examples">5.12. Semslite examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#puf-examples">5.13. PUF examples</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../edgelock2go-agent.html">6. NXP EdgeLock 2GO Agent</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/introduction.html">6.1. Introduction</a></li>
<li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/introduction.html#building-and-running-the-edgelock-2go-agent">6.2. Building and running the EdgeLock 2GO agent</a></li>
<li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/introduction.html#datastore-keystore">6.3. Datastore / Keystore</a></li>
<li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/introduction.html#connection-to-the-edgelock-2go-cloud-service">6.4. Connection to the EdgeLock 2GO cloud service</a></li>
<li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/introduction.html#claim-codes">6.5. Claim Codes</a></li>
<li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/edgelock2go_agent_apis.html">6.6. API</a></li>
<li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/readme_usage_examples.html">6.7. Usage Examples</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../semslite/doc/index.html">7. SEMS Lite Agent</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_overview.html">7.1. SEMS Lite Overview (Only for SE051)</a></li>
<li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_package.html">7.2. Update Package</a></li>
<li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_usage.html">7.3. SEMS Lite Agent Usage</a></li>
<li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_mgmt_api.html">7.4. SEMS Lite management APIs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_process.html">7.5. SEMS Lite Agent Package Load Process</a></li>
<li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_api.html">7.6. APIs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_known_issue.html">7.7. SEMS Lite Known Issue</a></li>
<li class="toctree-l2"><a class="reference internal" href="../semslite/doc/demo_update.html">7.8. SEMS Lite DEMOs</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../plugins/index.html">8. Plugins / Add-ins</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../sss/plugin/openssl/scripts/readme.html">8.1. Introduction on OpenSSL engine</a></li>
<li class="toctree-l2"><a class="reference internal" href="../sss/plugin/mbedtls/scripts/readme.html">8.2. Introduction on mbedTLS ALT Implementation</a></li>
<li class="toctree-l2"><a class="reference internal" href="../sss/plugin/psa/Readme.html">8.3. Platform Security Architecture</a></li>
<li class="toctree-l2"><a class="reference internal" href="../plugins/akm.html">8.4. Android Key master</a></li>
<li class="toctree-l2"><a class="reference internal" href="../sss/plugin/open62541/readme.html">8.5. Introduction on Open62541 (OPC UA stack)</a></li>
<li class="toctree-l2"><a class="reference internal" href="../plugins/wifiEAP/wifiEAP.html">8.6. WiFi EAP Demo with Raspberry Pi3</a></li>
<li class="toctree-l2"><a class="reference internal" href="../plugins/pkcs11.html">8.7. PKCS#11 Standalone Library</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../cli-tool.html">9. CLI Tool</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../pycli/doc/introduction.html">9.1. Introduction</a></li>
<li class="toctree-l2"><a class="reference internal" href="../pycli/doc/block-diagram.html">9.2. Block Diagram</a></li>
<li class="toctree-l2"><a class="reference internal" href="../pycli/doc/pre-steps.html">9.3. Steps needed before running <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> tool</a></li>
<li class="toctree-l2"><a class="reference internal" href="../pycli/doc/running.html">9.4. Running the <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> tool - Windows</a></li>
<li class="toctree-l2"><a class="reference internal" href="../pycli/Provisioning/readme.html">9.5. CLI Provisioning</a></li>
<li class="toctree-l2"><a class="reference internal" href="../pycli/doc/readme_usage_examples.html">9.6. Usage Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../pycli/doc/cli_commands_list.html">9.7. List of <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> commands</a></li>
<li class="toctree-l2"><a class="reference internal" href="../pycli/doc/cli_data_format.html">9.8. CLI Data formats</a></li>
<li class="toctree-l2"><a class="reference internal" href="../pycli/doc/cli_object_policy.html">9.9. Object Policies Through ssscli</a></li>
<li class="toctree-l2"><a class="reference internal" href="../appendix/upload_se05x_using_pycli.html">9.10. Upload keys and certificates to SE05X using ssscli tool</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../a71ch.html">10. A71CH</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../a71ch/a71ch_sss.html">10.1. A71CH and SSS API</a></li>
<li class="toctree-l2"><a class="reference internal" href="../a71ch/a71ch_miscellaneous.html">10.2. Miscellaneous</a></li>
<li class="toctree-l2"><a class="reference internal" href="../a71ch/a71ch_legacy_host_api.html">10.3. A71CH Legacy API</a></li>
<li class="toctree-l2"><a class="reference internal" href="../a71ch/a71ch_legacy_hlse_api.html">10.4. A71CH Legacy HLSE (Generic) API</a></li>
<li class="toctree-l2"><a class="reference internal" href="../a71ch/a71ch_configure_tool.html">10.5. A71CH Legacy Configure Tool</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../appendix.html">11. Appendix</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../appendix/glossary.html">11.1. Glossary</a></li>
<li class="toctree-l2"><a class="reference internal" href="../appendix/vcom.html">11.2. APDU Commands over VCOM</a></li>
<li class="toctree-l2"><a class="reference internal" href="../appendix/vs2019-setup.html">11.3. Visual Studio 2019 Setup</a></li>
<li class="toctree-l2"><a class="reference internal" href="../appendix/ide_mcux.html">11.4. Setting up MCUXPresso IDE</a></li>
<li class="toctree-l2"><a class="reference internal" href="../dev-platforms.html">11.5. Development Platforms</a></li>
<li class="toctree-l2"><a class="reference internal" href="../appendix/se_uid.html">11.6. How to get SE Platform Information and UID</a></li>
<li class="toctree-l2"><a class="reference internal" href="../appendix/version_info.html">11.7. Version Information</a></li>
<li class="toctree-l2"><a class="reference internal" href="Certificate_Chains/Readme.html">11.8. Certificate Chains</a></li>
<li class="toctree-l2"><a class="reference internal" href="../appendix/rjct_server.html">11.9. JRCP_v1 Server</a></li>
<li class="toctree-l2"><a class="reference internal" href="../appendix/platfscp.html">11.10. Using own Platform SCP03 Keys</a></li>
<li class="toctree-l2"><a class="reference internal" href="../appendix/apdu_write_to_buffer.html">11.11. Write APDU to buffer</a></li>
<li class="toctree-l2"><a class="reference internal" href="../api/api_list.html">11.12. Plug &amp; Trust MW APIs</a></li>
</ul>
</li>
</ul>
</ul>
</li>
<li class="dropdown">
<a role="button"
id="dLabelLocalToc"
data-toggle="dropdown"
data-target="#"
href="#">Page <b class="caret"></b></a>
<ul class="dropdown-menu localtoc"
role="menu"
aria-labelledby="dLabelLocalToc"><ul>
<li><a class="reference internal" href="#">5.11.4. Ease of Use configuration - AWS IoT Console</a><ul>
<li><a class="reference internal" href="#pre-requisites">5.11.4.1. Pre-requisites</a></li>
<li><a class="reference internal" href="#extracting-device-certificate">5.11.4.2. Extracting Device Certificate</a></li>
<li><a class="reference internal" href="#registering-device-certificate">5.11.4.3. Registering Device Certificate</a></li>
<li><a class="reference internal" href="#running-on-linux">5.11.4.4. Running on Linux</a></li>
<li><a class="reference internal" href="#running-on-mcu">5.11.4.5. Running on MCU</a></li>
</ul>
</li>
</ul>
</ul>
</li>
<li>
<a href="eou_config_azure.html" title="Previous Chapter: 5.11.3. Ease of Use configuration - Azure IoT Hub"><span class="glyphicon glyphicon-chevron-left visible-sm"></span><span class="hidden-sm hidden-tablet">&laquo; 5.11.3. Ease ...</span>
</a>
</li>
<li>
<a href="../semslite/ex/sems_lite_ex_update/readme.html" title="Next Chapter: 5.12.1. SEMS Lite Agent Demo (sems_lite_ex_update)"><span class="glyphicon glyphicon-chevron-right visible-sm"></span><span class="hidden-sm hidden-tablet">5.12.1. SEMS ... &raquo;</span>
</a>
</li>
</ul>
</div>
</div>
</div>
<div class="container">
<div class="row">
<div class="col-md-3">
<div id="sidebar" class="bs-sidenav" role="complementary">
<div class="sidebar-header">
<h3>Plug &amp; Trust MW</h3>
</div>
<div class="row">
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../index.html">1. NXP Plug &amp; Trust Middleware</a></li>
<li class="toctree-l1"><a class="reference internal" href="../changes/index.html">2. Changes</a></li>
<li class="toctree-l1"><a class="reference internal" href="../stack/index.html">3. Plug &amp; Trust MW Stack</a></li>
<li class="toctree-l1"><a class="reference internal" href="../building/index.html">4. Building / Compiling</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="index.html">5. Demo and Examples</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="index.html#demo-list">5.1. Demo List</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#sss-api-examples">5.2. SSS API Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#cloud-demos">5.3. Cloud Demos</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#linux-specific-demos">5.4. Linux Specific Demos</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#opc-ua-example">5.5. OPC-UA Example</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#arm-psa-example">5.6. ARM PSA Example</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#se05x-examples">5.7. SE05X Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#openssl-examples">5.8. OpenSSL Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#tests-for-user-crypto">5.9. Tests for User Crypto</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#nxpnfcrdlib-examples">5.10. NXPNFCRDLIB examples</a></li>
<li class="toctree-l2 current"><a class="reference internal" href="index.html#ease-of-use-examples">5.11. Ease-of-Use examples</a><ul class="current">
<li class="toctree-l3"><a class="reference internal" href="eou_config_ibm.html">5.11.1. Ease of Use configuration - IBM Watson</a></li>
<li class="toctree-l3"><a class="reference internal" href="eou_config_gcp.html">5.11.2. Ease of Use configuration - Google Cloud Platform</a></li>
<li class="toctree-l3"><a class="reference internal" href="eou_config_azure.html">5.11.3. Ease of Use configuration - Azure IoT Hub</a></li>
<li class="toctree-l3 current"><a class="current reference internal" href="#">5.11.4. Ease of Use configuration - AWS IoT Console</a></li>
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="index.html#semslite-examples">5.12. Semslite examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="index.html#puf-examples">5.13. PUF examples</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../edgelock2go-agent.html">6. NXP EdgeLock 2GO Agent</a></li>
<li class="toctree-l1"><a class="reference internal" href="../semslite/doc/index.html">7. SEMS Lite Agent</a></li>
<li class="toctree-l1"><a class="reference internal" href="../plugins/index.html">8. Plugins / Add-ins</a></li>
<li class="toctree-l1"><a class="reference internal" href="../cli-tool.html">9. CLI Tool</a></li>
<li class="toctree-l1"><a class="reference internal" href="../a71ch.html">10. A71CH</a></li>
<li class="toctree-l1"><a class="reference internal" href="../appendix.html">11. Appendix</a></li>
</ul>
</div>
<div class="row">
<form class="form" action="../search.html" method="get">
<div class="form-group">
<label for="Search">Search:</label>
<input type="text" name="q" class="form-control" placeholder="Search" />
</div>
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div>
</div>
<div class="body col-md-9 content" role="main">
<div class="section" id="ease-of-use-configuration-aws-iot-console">
<span id="eou-config-aws"></span><h1><span class="section-number">5.11.4. </span>Ease of Use configuration - AWS IoT Console<a class="headerlink" href="#ease-of-use-configuration-aws-iot-console" title="Permalink to this headline"></a></h1>
<div class="section" id="pre-requisites">
<h2><span class="section-number">5.11.4.1. </span>Pre-requisites<a class="headerlink" href="#pre-requisites" title="Permalink to this headline"></a></h2>
<ul class="simple">
<li><p>AWS IoT Console Account</p></li>
<li><p>AWS CLI installed and configured (linked to you AWS account)</p></li>
<li><p>ssscli Tool</p></li>
</ul>
</div>
<div class="section" id="extracting-device-certificate">
<span id="extract-dev-cert"></span><h2><span class="section-number">5.11.4.2. </span>Extracting Device Certificate<a class="headerlink" href="#extracting-device-certificate" title="Permalink to this headline"></a></h2>
<p>Using ssscli Tool, read out the device certificate.
Refer to <a class="reference internal" href="../stack/key-id-range.html#tp-id-range"><span class="std std-ref">Trust provisioned KeyIDs</span></a> for keyIDs of trust provisioned keys and certificates.</p>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>If you wish to use an embedded microcontroller, flash the VCOM binary on your board first.
VCOM binaries are available in <code class="file docutils literal notranslate"><span class="pre">binaries</span></code> directory.</p>
</div>
<p>Extract the device certificate as:</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>ssscli connect se05x &lt;conn-type&gt; &lt;port&gt;
ssscli get cert &lt;certificate-keyId&gt; &lt;certificate-filename&gt;
ssscli disconnect
</pre></div>
</div>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>Give connection parameters according to your board. Refer to <a class="reference internal" href="../pycli/doc/cli_commands_list.html#cli-cmd-list"><span class="std std-ref">List of ssscli commands</span></a>
for details on supported parameters.</p>
</div>
</div>
<div class="section" id="registering-device-certificate">
<span id="register-dev-cert"></span><h2><span class="section-number">5.11.4.3. </span>Registering Device Certificate<a class="headerlink" href="#registering-device-certificate" title="Permalink to this headline"></a></h2>
<p>Use AWS CLI Tool to register the extracted device certificate on to your
AWS IoT Console:</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>aws iot register-certificate-without-ca --certificate-pem file://&lt;certificate-filename&gt; --status ACTIVE
aws iot attach-policy --target &lt;certificate ARN&gt; --policy-name &lt;policy name&gt;
</pre></div>
</div>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>Certificate ARN will be printed out after execution of the first command</p>
</div>
<p>Run the following command to print out the SNI string. This will be used later:</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>aws iot describe-endpoint --endpoint-type iot:Data-ATS
</pre></div>
</div>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>Additionally, you can create and attach policies using <strong>aws create-policy</strong> and
<strong>aws attach-policy</strong> commands. Although this is not required for this demo as we
test only publish and subscribe functionalities, you would need to use policies
to allow/restrict access to any resource. For more information on policies,
refer to <a class="reference external" href="https://docs.aws.amazon.com/cli/latest/reference/iam/create-policy.html">AWS CLI CreatePolicy</a> and <a class="reference external" href="https://docs.aws.amazon.com/cli/latest/reference/iot/attach-policy.html">AWS CLI AttachPolicy</a></p>
</div>
</div>
<div class="section" id="running-on-linux">
<h2><span class="section-number">5.11.4.4. </span>Running on Linux<a class="headerlink" href="#running-on-linux" title="Permalink to this headline"></a></h2>
<p><strong>This step is only for Linux platforms. If you wish to use an embedded microcontroller, continue to the next step</strong></p>
<ul>
<li><p>Run the following commands to build OpenSSL engine for SE050:</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span><span class="nb">cd</span> simw-top
python scripts/create_cmake_projects.py
<span class="nb">cd</span> ../simw-top_build/&lt;board&gt;_native_se050_t1oi2c
cmake --build .
make install
ldconfig /usr/local/lib
</pre></div>
</div>
</li>
<li><p>Navigate to <code class="file docutils literal notranslate"><span class="pre">demos/linux/aws_eou</span></code> directory and execute the <code class="file docutils literal notranslate"><span class="pre">buildScript.sh</span></code> as:</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>chmod +x buildScript.sh
./buildScript.sh
</pre></div>
</div>
<p>This will build the project <code class="docutils literal notranslate"><span class="pre">iot_demo_mqtt</span></code>.</p>
</li>
<li><p>Based on OpenSSL version, select the appropriate configuration file in
<code class="docutils literal notranslate"><span class="pre">&lt;MW_SRC_DIR&gt;/simw-top/demos/linux/common</span></code> directory:</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>openssl11_sss_se050.cnf ----- OpenSSL <span class="m">1</span>.1.1 and SE050
openssl_sss_se050.cnf ----- OpenSSL <span class="m">1</span>.0.0 and SE050
</pre></div>
</div>
</li>
<li><p>Set the openssl config path as:</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>$ <span class="nb">export</span> <span class="nv">OPENSSL_CONF</span><span class="o">=</span>&lt;absolute-path-to-MW&gt;/demos/linux/common/&lt;appropriate-cnf-file&gt;
</pre></div>
</div>
</li>
<li><p>Create a reference file of device keypair for OpenSSL engine:</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>ssscli connect se05x &lt;conn-type&gt; &lt;port&gt;
ssscli refpem ecc/rsa pair &lt;keypair-keyId&gt; &lt;ref-filename&gt;
ssscli disconnect
</pre></div>
</div>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>Make sure that the device keypair used corresponds to the device certificate</p>
</div>
</li>
<li><p>Run the demo:</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span><span class="nb">cd</span> output/bin
./iot_demo_mqtt -i <span class="s2">&quot;ThingName&quot;</span> -h &lt;endpoint&gt; -r AmazonRootCA1.pem -c &lt;certificate-filename&gt; -k &lt;ref-filename&gt;
</pre></div>
</div>
<p>where <code class="docutils literal notranslate"><span class="pre">endpoint</span></code> is the SNI string obtained in step <a class="reference internal" href="#register-dev-cert"><span class="std std-ref">Registering Device Certificate</span></a>, <code class="docutils literal notranslate"><span class="pre">certificate-filename</span></code>
is the device certificate extracted in step <a class="reference internal" href="#extract-dev-cert"><span class="std std-ref">Extracting Device Certificate</span></a> and <code class="docutils literal notranslate"><span class="pre">ref-filename</span></code> is the reference key created
in the previous step.</p>
</li>
</ul>
</div>
<div class="section" id="running-on-mcu">
<h2><span class="section-number">5.11.4.5. </span>Running on MCU<a class="headerlink" href="#running-on-mcu" title="Permalink to this headline"></a></h2>
<ul class="simple">
<li><p>Update the <code class="docutils literal notranslate"><span class="pre">clientcredentialMQTT_BROKER_ENDPOINT</span></code> variable in
<code class="file docutils literal notranslate"><span class="pre">demos/ksdk/common/aws_clientcredential.h</span></code> file with the SNI string obtained in
previous step.</p></li>
<li><p>Update <code class="docutils literal notranslate"><span class="pre">SSS_KEYPAIR_INDEX_CLIENT_PRIVATE</span></code> and <code class="docutils literal notranslate"><span class="pre">SSS_CERTIFICATE_INDEX_CLIENT</span></code> in
file <code class="file docutils literal notranslate"><span class="pre">demos/ksdk/common/aws_iot_config.h</span></code> with KeyIDs of device keypair
and device certificate respectively. Refer to trust provisioned keyIDs listed in
<a class="reference internal" href="../stack/key-id-range.html#tp-id-range"><span class="std std-numref">Section 3.16</span></a> <a class="reference internal" href="../stack/key-id-range.html#tp-id-range"><span class="std std-ref">Trust provisioned KeyIDs</span></a>.</p></li>
</ul>
<div class="highlight-c notranslate"><div class="highlight"><pre><span></span><span class="cp">#define SSS_KEYPAIR_INDEX_CLIENT_PRIVATE 0x20181005</span>
<span class="cp">#define SSS_CERTIFICATE_INDEX_CLIENT 0x20181007</span>
</pre></div>
</div>
<ul>
<li><p>Build and run project <code class="docutils literal notranslate"><span class="pre">aws_demo</span></code>.</p>
<p>CMake configurations:</p>
<ul class="simple">
<li><p><code class="docutils literal notranslate"><span class="pre">RTOS_FreeRTOS</span></code>: ON</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">WithHostCrypto_MBEDTLS</span></code>: ON</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">WithmbedTLS_ALT_SSS</span></code>: ON</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">IOT_AWS</span></code>: ON</p></li>
</ul>
</li>
</ul>
</div>
</div>
</div>
</div>
</div>
<footer class="footer">
<div class="container">
<p class="pull-right">
<a href="#">Back to top</a>
</p>
<p>
&copy; Copyright 2018-2020, NXP.<br/>
Created using <a href="http://sphinx-doc.org/">Sphinx</a> 2.4.1.<br/>
</p>
</div>
</footer>
</body>
</html>