Skip to content

Generate certificate and key in OpenSSL#

Learn how to onboard a LwM2M device in just a few clicks using Certificates.

Connect a demo device with a certificate#


Generate certificate and key in OpenSSL#

  1. Open the OpenSSL command line terminal and run the following command(s):

    openssl ecparam -name secp384r1 -out ecparam.der
    openssl req -new -x509 -nodes -newkey ec:ecparam.der -keyout demo-cert.key -out demo-cert.crt -days 3650
    openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp384r1) -keyout demo-cert.key -out demo-cert.crt -days 3650`
  2. You will be asked to provide certificate information inside the terminal. You may leave the fields blank by pressing Enter for each or fill them in with your data.

    Generating certificate and key

  3. Convert the generated certificates into the .der format by running the following command:

    openssl x509 -in demo-cert.crt -outform der -out demo-cert.der
    openssl ec -in demo-cert.key -outform der -out demo_key.der

Add device to Coiote IoT DM and connect#

  1. Upon logging in to Coiote IoT DM for the first time, you will see the Add your LwM2M device panel.


    If you had previously added a device, in Device inventory, click the Add device button.

  2. Select the Connect your LwM2M device directly via the Management server tile. Add via Mgmt

  3. In the Device credentials step:
    • In the Endpoint name enter your LwM2M device endpoint name, e.g. test_device.
    • In the Security mode section, select the Certificate mode. Device credentials step
    • Click Upload a new certificate and Browse.
    • In the pop-up, go to the directory where your certificate has been generated, select the demo-cert.crt file and click Open.
    • Click Add device.
  4. In the Connect your device step, insert the given connection parameters and the path to your certificate and key into the command used for starting the Anjay demo device. The following is an example command:

    ./output/bin/demo --endpoint-name test_device --security-mode cert -C c:/certificates/demo-cert.der -K c:/certificates/demo_key.der --server-uri coaps://


    You need to change the c:/certificates/ path for the path where your generated certificate and key are stored.

    1. In the command line terminal, open the Anjay directory, paste the appropriately modified command and run it.
    2. In Coiote IoT DM, click Next, Go to Summary to skip the third step, and Finish to see your Device Center. Registered device

Last update: July 19, 2023