You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/iot-edge/how-to-auto-provision-x509-certs.md
+7-7Lines changed: 7 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,7 +5,7 @@ author: kgremban
5
5
manager: philmea
6
6
ms.author: kgremban
7
7
ms.reviewer: kevindaw
8
-
ms.date: 04/02/2020
8
+
ms.date: 04/09/2020
9
9
ms.topic: conceptual
10
10
ms.service: iot-edge
11
11
services: iot-edge
@@ -197,7 +197,7 @@ X.509 provisioning with DPS is only supported in IoT Edge version 1.0.9 or newer
197
197
You'll need the following information when provisioning your device:
198
198
199
199
* The DPS **ID Scope** value. You can retrieve this value from the overview page of your DPS instance in the Azure portal.
200
-
* The device identity certificate file on the device.
200
+
* The device identity certificate chain file on the device.
201
201
* The device identity key file on the device.
202
202
* An optional registration ID (pulled from the common name in the device identity certificate if not supplied).
203
203
@@ -209,7 +209,7 @@ Use the following link to install the Azure IoT Edge runtime on your device, usi
209
209
210
210
When you add the X.509 certificate and key information to the config.yaml file, the paths should be provided as file URIs. For example:
211
211
212
-
* `file:///<path>/identity_certificate.pem`
212
+
* `file:///<path>/identity_certificate_chain.pem`
213
213
* `file:///<path>/identity_key.pem`
214
214
215
215
The section in the configuration file for X.509 automatic provisioning looks like this:
@@ -227,7 +227,7 @@ provisioning:
227
227
identity_pk: "<REQUIRED URI TO DEVICE IDENTITY PRIVATE KEY>"
228
228
```
229
229
230
-
Replace the placeholder values for `scope_id`, `identity_cert`, `identity_pk` with the scope ID from your DPS instance, and the URIs to the cert and key file locations on your device. Provide a `registration_id` for the device if you want, or leave this line commented out to register the device with the CN name of the identity certificate.
230
+
Replace the placeholder values for `scope_id`, `identity_cert`, `identity_pk` with the scope ID from your DPS instance, and the URIs to the cert chain and key file locations on your device. Provide a `registration_id` for the device if you want, or leave this line commented out to register the device with the CN name of the identity certificate.
231
231
232
232
Always restart the security daemon after updating the config.yaml file.
Install the IoT Edge runtime on the device for which you generated the identity certificate and identity key. You'll configure the IoT Edge runtime for automatic, not manual, provisioning.
240
+
Install the IoT Edge runtime on the device for which you generated the identity certificate chain and identity key. You'll configure the IoT Edge runtime for automatic, not manual, provisioning.
241
241
242
242
For more detailed information about installing IoT Edge on Windows, including prerequisites and instructions for tasks like managing containers and updating IoT Edge, see [Install the Azure IoT Edge runtime on Windows](how-to-install-iot-edge-windows.md).
243
243
@@ -254,11 +254,11 @@ For more detailed information about installing IoT Edge on Windows, including pr
254
254
255
255
1. The **Initialize-IoTEdge** command configures the IoT Edge runtime on your machine. The command defaults to manual provisioning unless you use the `-Dps` flag to use automatic provisioning.
256
256
257
-
Replace the placeholder values for `{scope_id}`, `{identity cert path}`, and `{identity key path}` with the appropriate values from your DPS instance and the file paths on your device. If you want to specify the registration ID, include `-RegistrationId {registration_id}` as well, replacing the placeholder as appropriate.
257
+
Replace the placeholder values for `{scope_id}`, `{identity cert chain path}`, and `{identity key path}` with the appropriate values from your DPS instance and the file paths on your device. If you want to specify the registration ID, include `-RegistrationId {registration_id}` as well, replacing the placeholder as appropriate.
0 commit comments