Share via


az iot dps certificate

Manage certificates for an Azure IoT Hub Device Provisioning Service instance.

Commands

Name Description Type Status
az iot dps certificate create

Create/upload a certficate to an Azure IoT Hub Device Provisioning Service instance.

Core GA
az iot dps certificate delete

Delete a certificate in an Azure IoT Hub Device Provisioning Service instance.

Core GA
az iot dps certificate generate-verification-code

Generate a verification code for a certificate in an Azure IoT Hub Device Provisioning Service instance.

Core GA
az iot dps certificate list

List all certificates contained within an Azure IoT Hub Device Provisioning Service instance.

Core GA
az iot dps certificate show

Show information about a particular certificate in an Azure IoT Hub Device Provisioning Service instance.

Core GA
az iot dps certificate update

Update a certificate in an Azure IoT Hub Device Provisioning Service instance.

Core GA
az iot dps certificate verify

Verify a certificate in an Azure IoT Hub Device Provisioning Service instance.

Core GA

az iot dps certificate create

Create/upload a certficate to an Azure IoT Hub Device Provisioning Service instance.

az iot dps certificate create --certificate-name
                              --dps-name
                              --path
                              [--resource-group]
                              [--verified {false, true}]

Examples

Upload a CA certificate PEM file to an Azure IoT Hub Device Provisioning Service instance.

az iot dps certificate create --dps-name MyDps --resource-group MyResourceGroup --name MyCertificate --path /certificates/Certificate.pem

Upload a verified CA certificate CER file to an Azure IoT Hub Device Provisioning Service.instance

az iot dps certificate create --dps-name MyDps --resource-group MyResourceGroup --name MyCertificate --path /certificates/Certificate.cer --verified

Required Parameters

--certificate-name --name -n

A friendly name for the certificate.

--dps-name

IoT Hub Device Provisioning Service name.

--path -p

The path to the file containing the certificate.

Optional Parameters

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--verified -v

A boolean indicating whether or not the certificate is verified.

Accepted values: false, true
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az iot dps certificate delete

Delete a certificate in an Azure IoT Hub Device Provisioning Service instance.

az iot dps certificate delete --certificate-name
                              --dps-name
                              --etag
                              [--resource-group]

Examples

Delete MyCertificate in an Azure IoT Hub Device Provisioning Service instance

az iot dps certificate delete --dps-name MyDps --resource-group MyResourceGroup --name MyCertificate --etag AAAAAAAAAAA=

Required Parameters

--certificate-name --name -n

A friendly name for the certificate.

--dps-name

IoT Hub Device Provisioning Service name.

--etag -e

Entity Tag (etag) of the object.

Optional Parameters

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az iot dps certificate generate-verification-code

Generate a verification code for a certificate in an Azure IoT Hub Device Provisioning Service instance.

This verification code is used to complete the proof of possession step for a certificate. Use this verification code as the CN of a new certificate signed with the root certificates private key.

az iot dps certificate generate-verification-code --certificate-name
                                                  --dps-name
                                                  --etag
                                                  [--resource-group]

Examples

Generate a verification code for MyCertificate

az iot dps certificate generate-verification-code --dps-name MyDps --resource-group MyResourceGroup --name MyCertificate --etag AAAAAAAAAAA=

Required Parameters

--certificate-name --name -n

A friendly name for the certificate.

--dps-name

IoT Hub Device Provisioning Service name.

--etag -e

Entity Tag (etag) of the object.

Optional Parameters

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az iot dps certificate list

List all certificates contained within an Azure IoT Hub Device Provisioning Service instance.

az iot dps certificate list --dps-name
                            [--resource-group]

Examples

List all certificates in MyDps

az iot dps certificate list --dps-name MyDps --resource-group MyResourceGroup

Required Parameters

--dps-name

IoT Hub Device Provisioning Service name.

Optional Parameters

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az iot dps certificate show

Show information about a particular certificate in an Azure IoT Hub Device Provisioning Service instance.

az iot dps certificate show --certificate-name
                            --dps-name
                            [--resource-group]

Examples

Show details about MyCertificate in an Azure IoT Hub Device Provisioning Service instance

az iot dps certificate show --dps-name MyDps --resource-group MyResourceGroup --name MyCertificate

Show information about a particular Azure IoT Hub Device Provisioning Service certificate. (autogenerated)

az iot dps certificate show --certificate-name MyCertificate --dps-name MyDps --resource-group MyResourceGroup --subscription MySubscription

Required Parameters

--certificate-name --name -n

A friendly name for the certificate.

--dps-name

IoT Hub Device Provisioning Service name.

Optional Parameters

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az iot dps certificate update

Update a certificate in an Azure IoT Hub Device Provisioning Service instance.

Upload a new certificate to replace the existing certificate with the same name.

az iot dps certificate update --certificate-name
                              --dps-name
                              --etag
                              --path
                              [--resource-group]
                              [--verified {false, true}]

Examples

Update a CA certificate in an Azure IoT Hub Device Provisioning Service by uploading a new PEM file.

az iot dps certificate update --dps-name MyDps --resource-group MyResourceGroup --name MyCertificate --path /certificates/NewCertificate.pem --etag AAAAAAAAAAA=

Update a CA certificate in an Azure IoT Hub Device Provisioning Service by uploading a new CER file.

az iot dps certificate update --dps-name MyDps --resource-group MyResourceGroup --name MyCertificate --path /certificates/NewCertificate.cer --etag AAAAAAAAAAA=

Required Parameters

--certificate-name --name -n

A friendly name for the certificate.

--dps-name

IoT Hub Device Provisioning Service name.

--etag -e

Entity Tag (etag) of the object.

--path -p

The path to the file containing the certificate.

Optional Parameters

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--verified -v

A boolean indicating whether or not the certificate is verified.

Accepted values: false, true
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az iot dps certificate verify

Verify a certificate in an Azure IoT Hub Device Provisioning Service instance.

Verify a certificate by uploading a verification certificate containing the verification code obtained by calling generate-verification-code. This is the last step in the proof of possession process.

az iot dps certificate verify --certificate-name
                              --dps-name
                              --etag
                              --path
                              [--resource-group]

Examples

Verify ownership of the MyCertificate private key.

az iot dps certificate verify --dps-name MyDps --resource-group MyResourceGroup --name MyCertificate --path /certificates/Verification.pem --etag AAAAAAAAAAA=

Required Parameters

--certificate-name --name -n

A friendly name for the certificate.

--dps-name

IoT Hub Device Provisioning Service name.

--etag -e

Entity Tag (etag) of the object.

--path -p

The path to the file containing the certificate.

Optional Parameters

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.