Azure IoT Hub : X509 certificate location
Question
I am doing a hands on IoT Hub, so everything is only my local desktop. In production, I was curious to know where each of the certificates would be placed ie on Device or IoT Hub or somewhere else :
Root Certificate - Uploaded on Azure Portal Verified Certificate - Uploaded on Azure Portal PFX File - On Device Intermediate Certificates (Chain of Trust) - ??? Root Certificate PEM File - ???
Sorry for this insane question. But I want to know the same. Thanks in advance.
1 answers
solution1
0 2018-01-24 22:05:34
On the device the certificate can be anywhere that makes sense, but the certificate store is probably the best option. You don't need to store the root certificate anywhere though. The IoT Hub service only checks that the thumbprint is valid, but doesn't do any chain validation. The place to do that is in whatever process you're using to register the devices.
That's all different if you're using IoT Hub Provisioning Service though, as that will do chain validation, and the device cert must reside on a TPM.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.