Obtaining a bootstrap certificate and trust anchor

To enable the SDA technician demo application and your target (IoT device) to trust each other, you must provide the target with a trust anchor.

In developer mode

To shorten the process for demo and development purposes, use developer mode, which enables you to run the secure device access flow with a developer certificate and a trust anchor that you compile together with the secure device access client, as described below.

Generate a bootstrap certificate

To generate a developer certificate:

1. From the Device Management Portal side menu, select Device identity > Certificates.
2. Click New certificate > Create a developer certificate.
3. Enter a name and, optionally, a description for the certificate, and click Create certificate.
   The certificate should appear in ACTIVE status in the list of certificates for your account.
4. Click Download Developer C file. This downloads the mbed_cloud_dev_credentials.c file to your computer. You will use this file when you build the client binaries.

Obtain a trust anchor

To get your trust anchor:

1. From the Device Management Portal side menu, select Device identity > Trust anchor.
2. Copy the PEM-format trust anchor. You will need this trust anchor when you build the client binaries.

In production mode

In production, you must install factory-configurator-client-example, which is an implementation of Device Management Client, onto your target. This enables you to provision and store a trust anchor and other credentials on your target, as described in the provisioning documentation.