Creating a code-signing certificate for custom hardware - FreeRTOS
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Creating a code-signing certificate for custom hardware

Using an appropriate toolset, create a self-signed certificate and private key for your hardware.

Use the Amazon Command Line Interface to import your code-signing certificate, private key, and certificate chain into Amazon Certificate Manager. For information about installing the Amazon CLI, see Installing the Amazon CLI.

After you create your code-signing certificate, you can use the Amazon CLI to import it into ACM:

aws acm import-certificate --certificate fileb://code-sign.crt --private-key fileb://code-sign.key

The output from this command displays an ARN for your certificate. You need this ARN when you create an OTA update job.

ACM requires certificates to use specific algorithms and key sizes. For more information, see Prerequisites for Importing Certificates. For more information about ACM, see Importing Certificates into Amazon Certificate Manager.

You must copy, paste, and format the contents of your code-signing certificate into the vendors/vendor/boards/board/aws_demos/config_files/ota_demo_config.h file that is part of the FreeRTOS code you download later.