Contact UsGet started

Getting started with Yandex IoT Core device registries

Written by
Updated at February 12, 2025

To start using the Yandex IoT Core service, create the following:

  1. X.509 certificates
  2. Registry
  3. Device

Then, set up message exchange between the device and the registry.

Getting started

Sign up for Yandex Cloud and create a billing account:

  1. Go to the management console and log in to Yandex Cloud or create an account if you do not have one yet.
  2. On the Yandex Cloud Billing page, make sure you have a billing account linked and it has the ACTIVE or TRIAL_ACTIVE status. If you do not have a billing account, create one.

If you have an active billing account, you can go to the cloud page to create or select a folder for your infrastructure to operate in.

Learn more about clouds and folders.

Create a certificate

X.509 certificates enable interaction between MQTT clients: the registry and device. Each of them needs its certificate.

  • If you have certificates, add them to the MQTT clients. You can do this when creating clients.

  • If you do not have certificates, create them using the OpenSSL program (the command below creates only one certificate):

    openssl req -x509 \
-newkey rsa:4096 \
  -keyout private-key.pem \
  -out cert.pem \
  -nodes \
  -days 365 \
  -subj '/CN=localhost'

    Where:

    • -x509: Certificate type, X.509.
    • -newkey: Encryption algorithm.
    • -keyout: File with the private key of the certificate.
    • -out: File with the public key of the certificate.
    • -nodes: This flag is set when no public key encryption is required.
    • -days: Certificate validity period in days.
    • -subj: Request object.

    For each of the MQTT clients, specify different names for files with private and public keys.

Create a registry

  1. In the management console, select the folder to create your registry in.

  2. Select IoT Core.

  3. In the left-hand panel, select Registries.

  4. Click Create registry.

  5. Under General information, add my-registry as the registry name.

  6. Add a certificate:

    • To add a file:

      1. Choose the File method.
      2. Click Attach file.
      3. Select the file with the public key of the certificate and click Open.
      4. Click Add.

    • To add text:

      1. Choose the Text method.
      2. Paste the public key of the certificate to the Content field.
      3. Click Add.

  7. Click Create.

If you do not have the Yandex Cloud CLI yet, install and initialize it.

The folder specified in the CLI profile is used by default. You can specify a different folder through the --folder-name or --folder-id parameter.

  1. Create a registry:

    yc iot registry create --name my-registry

    Result:

    id: b91hafek85**********
folder_id: aoek49ghmk*********
created_at: "2019-05-27T13:40:06.923Z"
name: my-registry
status: ACTIVE
log_group_id: ckghotead**********

  2. Add a certificate to the registry:

    yc iot registry certificate add \
  --registry-name my-registry \
  --certificate-file registry-cert.pem

    Where:

    • --registry-name: Registry name.
    • --certificate-file: Path to the public key of the certificate.

    Result:

    registry_id: b91hafek85**********
fingerprint: 589ce16050****
certificate_data: |
   -----BEGIN CERTIFICATE-----
   MIIE/jCCAuagAwIBAgIJAPRA...
   -----END CERTIFICATE-----
created_at: "2019-05-27T13:41:45.295Z"

Create a device

  1. In the management console, select a folder to create a device in.

  2. Select IoT Core.

  3. Select my-registry from the list.

  4. On the left side of the window, select the Devices section.

  5. Click Add device.

  6. Under General information, add my-device as the device name.

  7. Add a certificate:

    • To add a file:

      1. Choose the File method.
      2. Click Attach file.
      3. Select the file with the public key of the certificate and click Open.
      4. Click Add.

    • To add text:

      1. Choose the Text method.
      2. Paste the public key of the certificate to the Content field.
      3. Click Add.

  8. Click Create.

  1. Create a device:

    yc iot device create \
  --registry-name my-registry \
  --name my-device

    Where:

    • --registry-name: Name of the registry that the device is part of.
    • --name: Device name.

    Result:

    id: b912an77oq**********
registry_id: b91hafek85**********
created_at: "2019-05-27T13:44:35.164Z"
name: my-device

  2. Add a certificate to the device:

    yc iot device certificate add \
  --device-name my-device \
  --certificate-file ./certs/device-cert.pem

    Where:

    • --device-name: Device name.
    • --certificate-file: Path to the public key of the certificate.

    Result:

    device_id: b912an77oq**********
fingerprint: 65e5b05006***
certificate_data: |
   -----BEGIN CERTIFICATE-----
   MIIE/jCCAuagAwIBAgIJANZbq...
   -----END CERTIFICATE-----
created_at: "2019-05-27T13:45:23.306Z"

Set up message exchange between the device and the registry

  1. Subscribe a device or registry to receive messages.
  2. Send a message.

What's next

Previous
Overview
Next
Broker