By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Is it possible to register CA with AWS IoT Core without having access to Private Key ?

0

Let's say we are getting our device certificates signed by 3rd party CA e.g digicert. Can we register this 3rd party CA on AWS IoT Core for JITP without having access to Private Key ? As the registration process requires the proof of ownership. [https://aws.amazon.com/about-aws/whats-new/2022/07/aws-iot-core-provision-iot-devices-aws-accounts-registrations-certificate-authorities/](This Blog) seems to suggest that it's possible but did not find details anywhere on the workflow.

Topics
Internet of Things (IoT)
Tags
AWS IoT CoreAWS IoT Device Management
Language
English
Ravi Trivedi
asked 2 years ago703 views
1 Answer
1

Hi Ravi,

you can register a CA without having access to the private key in SNI_ONLY mode: https://docs.aws.amazon.com/iot/latest/developerguide/register-CA-cert.html

Cheers,
Philipp

AWS
EXPERT
Philipp S
answered 2 years ago
  • Ravi Trivedi
    2 years ago

    Ok, In this case does device need to send SNI in the TLS handshake? or its is applicable only when the device cert ( Not CA cert ) is registered as SNI_ONLY ?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content