in source/console/src/app/services/device.service.ts [172:226]
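/**
 * Generates an RSA key pair locally, builds a certificate signing request (CSR)
 * for the device, and asks the backend to issue a certificate for it.
 *
 * Security notes:
 * - Only the CSR PEM and the thing id are passed to
 *   `appSyncService.createCertificate`; the private key is not part of that call.
 * - The resolved object carries the private key in PEM form. Callers should hand
 *   it to its destination and avoid logging or persisting it.
 * - The CSR is signed with SHA-256. forge falls back to SHA-1 when no digest is
 *   passed to `csr.sign`, so the digest is given explicitly.
 *
 * @param device Device whose `thingName` becomes the CSR common name and whose
 *   `thingId` is sent to the backend with the CSR.
 * @param deviceBlueprintId Not used by this method; kept for caller compatibility.
 * @param deviceTypeId Not used by this method; kept for caller compatibility.
 * @returns A promise resolving to `{ thingName, cert }`, where `cert` holds the
 *   certificate id, ARN and PEM returned by the backend plus the locally
 *   generated private and public keys in PEM form. Rejects on key generation
 *   failure, CSR construction or verification failure, or backend error.
 */
public createCertificate(device: Device, deviceBlueprintId: string = null, deviceTypeId: string = null) {
    return new Promise((resolve, reject) => {
        forge.pki.rsa.generateKeyPair(
            {
                bits: 2048,
                workers: 2
            },
            (err, keypair) => {
                if (err) {
                    console.error('createCertificate: error', err);
                    return reject(err);
                }

                let pem: string;
                try {
                    const csr = forge.pki.createCertificationRequest();
                    csr.publicKey = keypair.publicKey;
                    csr.setSubject([
                        {
                            name: 'organizationName',
                            value: 'sputnik'
                        },
                        {
                            name: 'commonName',
                            value: device.thingName
                        }
                    ]);
                    // Pass the digest explicitly: without it forge signs the CSR with SHA-1.
                    csr.sign(keypair.privateKey, forge.md.sha256.create());
                    // The original computed this result and ignored it; a CSR that does not
                    // verify against its own public key must not be submitted.
                    if (!csr.verify()) {
                        return reject(new Error('createCertificate: CSR signature verification failed'));
                    }
                    pem = forge.pki.certificationRequestToPem(csr);
                } catch (csrError) {
                    // An exception thrown inside this callback would otherwise leave the
                    // promise pending forever.
                    return reject(csrError);
                }

                this.appSyncService
                    .createCertificate(device.thingId, pem)
                    .then(cert => {
                        // Build the result without attaching key material to the
                        // object returned by the service.
                        resolve({
                            thingName: device.thingName,
                            cert: {
                                certificateId: cert.certificateId,
                                certificateArn: cert.certificateArn,
                                certificatePem: cert.certificatePem,
                                privateKey: forge.pki.privateKeyToPem(keypair.privateKey),
                                publicKey: forge.pki.publicKeyToPem(keypair.publicKey)
                            }
                        });
                    })
                    .catch(error => {
                        reject(error);
                    });
            }
        );
    });
}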