aws / aws-iot-device-sdk-embedded-C

SDK for connecting to AWS IoT from a device using embedded C.
MIT License

Fleet Provisioning Demo - unable to use Private Key #1822

Closed avrono closed 1 year ago

avrono commented 1 year ago
Hello Nomidia,

You should store the Claim private key you use to connect to AWS IoT in PEM format. The demo will convert the Claim private key from PEM to DER format during its execution. All you need to do is set the "CLAIM_PRIVATE_KEY_PATH" macro to the path of the PEM-encoded key. There's a short setup guide for the Fleet Provisioning demo which you can consult, as well.

The private keys which are generated by the demo for the newly-provisioned Things are stored in DER format in the same directory that the demo runs. The generated private keys will be named "corePKCS11_Key.dat". Let us know if this answers your questions.

Thank you, John

Originally posted by @johnrhen in https://github.com/aws/aws-iot-device-sdk-embedded-C/issues/1775#issuecomment-1005990600

avrono commented 1 year ago

I am running the demo and subsequently trying to use the certificate and Private Key to connect. I keep getting an "unable to load" error from openssl and during the program execution (SSL_CTX_use_certificate_chain_file failed to import client certificate at). However, using the in-memory representation in the demo (using MBEDTLS) works fine.

What I would like to do is run the provisioning once and then later, and potentially after subsequent reboots, simply use the provisioned Certificate and Key. Please advise on how this may be achieved.
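
The quoted reply says the demo stores provisioned keys in DER format, while OpenSSL's `SSL_CTX_use_certificate_chain_file` reads PEM. The sketch below is an added example, not part of the thread or of the SDK: it inspects a DER object, picks the matching PEM label from its ASN.1 structure, and wraps it in PEM armor. It goes beyond the key file by also recognising certificates and public keys. It assumes each stored file holds exactly one plain DER object; `pem_label`, `der_to_pem` and the sample bytes are names and data made up for this illustration.

```python
import base64
import sys

# Constructed sample: SEC1-shaped SEQUENCE { INTEGER 1, OCTET STRING(32) }, not a real key.
SAMPLE_DER = bytes.fromhex("30250201010420" + "11" * 32)
# Tag after the version INTEGER: PKCS#8 AlgorithmIdentifier, SEC1 OCTET STRING, PKCS#1 modulus.
KEY_LABELS = {0x30: "PRIVATE KEY", 0x04: "EC PRIVATE KEY", 0x02: "RSA PRIVATE KEY"}
# First tag inside a leading SEQUENCE: SPKI algorithm OID, or tbsCertificate [0] version / serial.
SEQ_LABELS = {0x06: "PUBLIC KEY", 0xA0: "CERTIFICATE", 0x02: "CERTIFICATE"}

def _tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, length, start = buf[pos], buf[pos + 1], pos + 2
    if length >= 0x80:                       # long form: next k bytes hold the length
        k = length & 0x7F
        if k == 0 or start + k > len(buf):
            raise ValueError("bad DER length")
        length = int.from_bytes(buf[start:start + k], "big")
        start += k
    if start + length > len(buf):
        raise ValueError("truncated DER")
    return tag, start, start + length

def pem_label(der):
    """Choose the PEM label from the DER structure rather than the file name."""
    tag, start, end = _tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("not a single DER SEQUENCE (already PEM, or padded?)")
    first_tag, first_start, first_end = _tlv(der, start)
    label = None
    if first_tag == 0x30:                    # certificate or SubjectPublicKeyInfo
        label = SEQ_LABELS.get(_tlv(der, first_start)[0])
    elif first_tag == 0x02:                  # private keys begin with a version INTEGER
        label = KEY_LABELS.get(_tlv(der, first_end)[0])
    if label is None:
        raise ValueError("unrecognised DER object")
    return label

def der_to_pem(der):
    """Wrap DER bytes in PEM armor with 64-character base64 lines."""
    label = pem_label(der)
    b64 = base64.b64encode(der).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "\n".join([f"-----BEGIN {label}-----", *lines, f"-----END {label}-----", ""])

if __name__ == "__main__":                   # usage: script.py [path-to-DER-file]
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_DER
    sys.stdout.write(der_to_pem(data))
```

When the input is a private key, redirect the output to a file that only the connecting process can read (for example mode 0600), since the PEM copy is as sensitive as the DER original.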