Obtain an MQTT Client Certificate

Follow the instructions below in order to obtain an MQTT client certificate

  • Retrieve an Access Token with your Application Key and Secret Key for Lufthansa's Public API. Click here for further details
  • Build a POST Request to the Certificate Resource
  • Receive a response with your certificate and a public/private key pair. An example response is provided below

Code snippet: XML

GET
<?xml version="1.0" encoding="UTF-8"?> 

<CertificateManagementResource>

<CertificateManagement>

    <certificatePem>-----BEGIN CERTIFICATE-----

MIIDWjCCAkKgAwIBAgIVAImeiupUWnCJt1pFu09ADtXsGG4eMA0GCSqGSIb3DQEB

H3+slohR9ExvdWmRhDjowhRIhq3m0lp/MGHLmIWeoxO+w1tW9H3+WzT5TQcPGw== -----END CERTIFICATE-----

</certificatePem>

    <keyPair>

        <PublicKey>-----BEGIN PUBLIC KEY-----

MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2BRMhREl8rxJXXrOG36

wKG0X/1kQAtKDZbiJmb+zOXrx9nZaMu2jDYod6OHKWjQnF/Ujn8AvSDgJc6QYmc+

2QIDAQAB

-----END PUBLIC KEY-----

</PublicKey>

        <PrivateKey>-----BEGIN RSA PRIVATE KEY-----

MIIEpQIBAAKCAQEAq2BRMhREl8rxJXXrOG366Kke/a5ViVpQ2zF2zuBZj0XqNPB5

sM7582s3HuJ9kFLIiMvaBVpJZ7z6gHWfShy+HtGziof6vDQUOs1sekQ=

-----END RSA PRIVATE KEY-----

</PrivateKey>

    </keyPair>

    <certificateId>43a8……….44aa6f8b46c91</certificateId>

    <endpoint>a35ixnrwyoljwq.iot.eu-central-1.amazonaws.com</endpoint>

</CertificateManagement>

</CertificateManagementResource>

code>
  • Copy the certificate, private and public key into individual files
Client Certificate File yourCertificate.cer
Client Key File yourPrivateKey.key
Client Public Key yourPublicKey.key
  • Store them in a secure place and keep them secret.

Note: each time you request a new certificate, your previously generated certificate will be disabled. Only one MQTT certificate is valid for each Client Application Key.