Specifications
©2009DigiInternational,Inc. 126
AppendixD:SmartEnergyCertificates
All devices that operate in a ZigBee smart energy deployment must have a certificate installed
that provides the device with a private key and digital certificate that are used to derive a link key
during key establishment. A certificate must be issued by a certificate authority. Each certificate is
tied to the 64-bit extended address (serial number) of the device.
The certificate authority can generate certificates for general test and development use. These
"test" certificates allow devices to implement key establishment, but they cannot communicate
with devices that have live "production" certificates for a certified smart energy deployment.
The XBee SE modules have key establishment disabled by default, and no certificates installed on
them. This is sufficient for development purposes only. When certifying or deploying a smart
energy device, key establishment must be enabled (see EO command). Test certificates are
required when certifying smart energy devices. Production certificates are required for certified
smart energy deployments.
Please contact a certificate authority to obtain certificates. Currently the only authority is
Certicom:
• See http://www.certicom.com/index.php/gencertregister to register for a few test certificates
• Contact jalfred@certicom.com for production certificates or a sizable number of test certifi-
cates.
Once a certificate is obtained, it can be programmed onto an XBee SE module in one of two ways:
1. Serially via API commands (contact se.developer@digi.com for assistance)
2. Through the SIF header via an Ember programming tool (requires some modification to the
module and purchase of hardware from www.ember.com)