/// <summary>
/// Creates an IoT Hub identity for a leaf device that uses certificate-authority (X.509 CA)
/// authentication, places it in the scope of the given parent edge device, and then builds the
/// <see cref="LeafDevice"/> around a <see cref="DeviceClient"/> that authenticates with a newly
/// generated leaf certificate.
/// </summary>
/// <param name="leafDeviceId">Id used both for the new hub identity and for certificate generation.</param>
/// <param name="parentId">Id of the parent edge device; its <c>Scope</c> is copied onto the leaf identity.</param>
/// <param name="ca">Certificate authority that issues the leaf certificate files.</param>
/// <param name="iotHub">Hub wrapper used to create the identity; its <c>Hostname</c> is passed to the client.</param>
/// <param name="transport">The single transport setting handed to <c>DeviceClient.Create</c>.</param>
/// <param name="edgeHostname">Passed to <c>DeviceClient.Create</c> as the gateway host name.</param>
/// <param name="token">Cancellation token forwarded to every awaited call.</param>
/// <returns>The <see cref="LeafDevice"/> produced by <c>CreateLeafDeviceAsync</c>.</returns>
static async Task<LeafDevice> CreateWithCaCertAsync(
    string leafDeviceId,
    string parentId,
    CertificateAuthority ca,
    IotHub iotHub,
    ITransportSettings transport,
    string edgeHostname,
    CancellationToken token)
{
    Device parentEdge = await GetEdgeDeviceIdentityAsync(parentId, iotHub, token);

    // Describe the identity first: CA-based authentication, same scope as the parent edge device.
    var requested = new Device(leafDeviceId);
    requested.Authentication = new AuthenticationMechanism
    {
        Type = AuthenticationType.CertificateAuthority
    };
    requested.Scope = parentEdge.Scope;

    // From here on the identity exists in the hub; the remaining steps run inside
    // DeleteIdentityIfFailedAsync (presumably so that a failure removes it again - see that helper).
    Device registered = await iotHub.CreateDeviceIdentityAsync(requested, token);

    return await DeleteIdentityIfFailedAsync(
        registered,
        iotHub,
        token,
        async () =>
        {
            LeafCertificates issued = await ca.GenerateLeafCertificatesAsync(leafDeviceId, token);

            // The leaf certificate is loaded together with its key file, so clientCert is
            // expected to carry the device's private key.
            (X509Certificate2 clientCert, IEnumerable<X509Certificate2> caChain) =
                CertificateHelper.GetServerCertificateAndChainFromFile(issued.CertificatePath, issued.KeyPath);

            // .NET runtime requires that we install the chain of CA certs, otherwise it can't
            // provide them to a server during authentication.
            // NOTE(review): this adds certificates to the host's trusted set and nothing in this
            // method removes them again, including when a later step fails. Confirm that cleanup
            // happens elsewhere and that this only runs on hosts where extra trust anchors are
            // acceptable (e.g. disposable test machines).
            OsPlatform.Current.InstallTrustedCertificates(caChain);

            return await CreateLeafDeviceAsync(
                registered,
                () => DeviceClient.Create(
                    iotHub.Hostname,
                    edgeHostname,
                    new DeviceAuthenticationWithX509Certificate(registered.Id, clientCert),
                    new[] { transport }),
                iotHub,
                token);
        });
}