This is a sample showing how an MCU can rotate certificates using a cloud-side implementation of certificate rotation. It is built on the Amazon FreeRTOS code.
At a high level, the device will publish to topics, which trigger AWS Lambda functions that create a new certificate and rotate the certificates for you.
The device then stores the new certificate in a buffer and overwrites the old certificate. However, this buffer is in volatile memory, so once the device loses power, the new certificate will be gone.
Further implementations of this can use a library to overwrite the old certificate in non-volatile memory (NVM), possibly using PKCS.
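The overwrite step described above can be guarded so that a truncated or oversized payload never replaces a working certificate. The following is an added example, not code from this sample or from Amazon FreeRTOS. It assumes the new certificate arrives as a PEM payload, and `cert_slot_t`, `rotate_certificate` and `CERT_BUF_SIZE` are hypothetical names.

```c
#include <stddef.h>
#include <string.h>

#define CERT_BUF_SIZE 2048  /* assumed capacity of the in-RAM certificate buffer */

static const char PEM_HEAD[] = "-----BEGIN CERTIFICATE-----";
static const char PEM_TAIL[] = "-----END CERTIFICATE-----";

typedef struct {
    char   pem[CERT_BUF_SIZE]; /* active certificate, NUL-terminated, RAM only */
    size_t len;
} cert_slot_t;

typedef enum { ROTATE_OK = 0, ROTATE_TOO_LARGE, ROTATE_BAD_FORMAT } rotate_status_t;

/* Bounded substring search: a received payload is not NUL-terminated. */
static const char *find(const char *hay, size_t hay_len, const char *needle)
{
    size_t n = strlen(needle);
    for (size_t i = 0; i + n <= hay_len; i++)
        if (memcmp(hay + i, needle, n) == 0) return hay + i;
    return NULL;
}

/* Replace the active certificate only if the payload is one complete PEM
 * block that fits; on any failure the old certificate is left untouched. */
rotate_status_t rotate_certificate(cert_slot_t *slot, const char *payload, size_t len)
{
    size_t head_len = sizeof(PEM_HEAD) - 1;

    if (payload == NULL) return ROTATE_BAD_FORMAT;
    if (len >= CERT_BUF_SIZE) return ROTATE_TOO_LARGE; /* keep room for the NUL */

    /* Header must open the payload; footer must follow it (rejects truncation). */
    if (len < head_len || memcmp(payload, PEM_HEAD, head_len) != 0)
        return ROTATE_BAD_FORMAT;
    const char *tail = find(payload + head_len, len - head_len, PEM_TAIL);
    if (tail == NULL) return ROTATE_BAD_FORMAT;

    /* All checks passed: commit exactly one PEM block, dropping trailing bytes. */
    size_t keep = (size_t)(tail - payload) + (sizeof(PEM_TAIL) - 1);
    memcpy(slot->pem, payload, keep);
    slot->pem[keep] = '\0';
    slot->len = keep;
    return ROTATE_OK;
}
```

This checks framing and size only; it does not check that the certificate corresponds to the device's private key.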
To set up the cloud side, download, zip, and add the AWS Lambda functions to an S3 bucket. Then download the cloudformation.json file and create the CloudFormation stack from the console.
For more information on Amazon FreeRTOS, refer to the Getting Started section of the Amazon FreeRTOS webpage.
To directly access the Getting Started Guide for supported hardware platforms, click the corresponding link in the Supported Hardware section below.
For detailed documentation on Amazon FreeRTOS, refer to the Amazon FreeRTOS User Guide.
The following MCU boards are supported for Amazon FreeRTOS:
- Texas Instruments - CC3220SF-LAUNCHXL.
- STMicroelectronics - STM32L4 Discovery kit IoT node.
- NXP - LPC54018 IoT Module.
- Microchip - Curiosity PIC32MZEF.
- Espressif - ESP32-DevKitC, ESP-WROVER-KIT.
- Infineon - Infineon XMC4800 IoT Connectivity Kit
- Xilinx - Xilinx Zynq-7000 based MicroZed Industrial IoT Bundle
- MediaTek - MediaTek MT7697Hx Development Kit
- Renesas - Renesas Starter Kit+ for RX65N-2MB
- Cypress CYW54907 - Cypress CYW954907AEVAL1F Evaluation Kit
- Cypress CYW43907 - Cypress CYW943907AEVAL1F Evaluation Kit
- Marvell MW320 - Marvell MW320 AWS IoT Starter Kit
- Marvell MW322 - Marvell MW322 AWS IoT Starter Kit
- Nordic nRF52840 DK - nRF52840 DK Development kit
- Windows Simulator - To evaluate Amazon FreeRTOS without using MCU-based hardware, you can use the Windows Simulator.
  - Requirements: Microsoft Windows 7 or newer, with at least a dual core and a hard-wired Ethernet connection
  - Getting Started Guide
  - IDE: Visual Studio Community Edition