This is a sample on how a MCU can rotate certificates, using a cloud side implementation of certificate rotation. It is built off of the Amazon FreeRTOS code.

At a high level, the device will publish to topics, which trigger AWS Lambda functions that create a new certificate and rotate the certificates for you.

The device then stores the new certificate in a buffer and overwrites the old certificate, however this is stored in volatile memory so once the device loses power, the new certificate will be gone.

Further implementations of this can use some library to overwrite the old certificate in NVM (possibly using PKCS).

To setup the cloudside, download, zip, and add the AWS Lambda Functions to an S3 bucket. Then download the cloudformation.json file and create the CloudFormation from the console.

For more information on Amazon FreeRTOS, refer to the Getting Started section of Amazon FreeRTOS webpage.

To directly access the Getting Started Guide for supported hardware platforms, click the corresponding link in the Supported Hardware section below.

For detailed documentation on Amazon FreeRTOS, refer to the Amazon FreeRTOS User Guide.

The following MCU boards are supported for Amazon FreeRTOS:

1. Texas Instruments - CC3220SF-LAUNCHXL.
   • Getting Started Guide
   • IDEs: Code Composer Studio, IAR Embedded Workbench
2. STMicroelectronics - STM32L4 Discovery kit IoT node.
   • Getting Started Guide
   • IDE: STM32 System Workbench
3. NXP - LPC54018 IoT Module.
   • Getting Started Guide
   • IDEs: IAR Embedded Workbench, MCUXpresso IDE
4. Microchip - Curiosity PIC32MZEF.
   • Getting Started Guide
   • IDE: MPLAB X IDE
5. Espressif - ESP32-DevKitC, ESP-WROVER-KIT.
   • Getting Started Guide
6. Infineon - Infineon XMC4800 IoT Connectivity Kit
   • Getting Started Guide
   • IDE: DAVE
7. Xilinx - Xilinx Zynq-7000 based MicroZed Industrial IoT Bundle
   • Getting Started Guide
   • IDE: Xilinx SDK
8. MediaTek - MediaTek MT7697Hx Development Kit
   • Getting Started Guide
   • IDE: Keil uVision
9. Renesas - Renesas Starter Kit+ for RX65N-2MB
   • Getting Started Guide
   • IDE: e2 studio
10. Cypress CYW54907 - Cypress CYW954907AEVAL1F Evaluation Kit
    • Getting Started Guide
    • IDE: WICED Studio
11. Cypress CYW43907 - Cypress CYW943907AEVAL1F Evaluation Kit
    • Getting Started Guide
    • IDE: WICED Studio
12. Marvell MW320 - Marvell MW320 AWS IoT Starter Kit
    • Getting Started Guide
13. Marvell MW322 - Marvell MW322 AWS IoT Starter Kit
    • Getting Started Guide
14. Nordic nRF52840 DK - nRF52840 DK Development kit
    • Getting Started Guide
15. Windows Simulator - To evaluate Amazon FreeRTOS without using MCU-based hardware, you can use the Windows Simulator.
    • Requirements: Microsoft Windows 7 or newer, with at least a dual core and a hard-wired Ethernet connection
    • Getting Started Guide
    • IDE: Visual Studio Community Edition