Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Is it possible to register CA with AWS IoT Core without having access to Private Key ?

0

Let's say we are getting our device certificates signed by 3rd party CA e.g digicert. Can we register this 3rd party CA on AWS IoT Core for JITP without having access to Private Key ? As the registration process requires the proof of ownership. [https://aws.amazon.com/about-aws/whats-new/2022/07/aws-iot-core-provision-iot-devices-aws-accounts-registrations-certificate-authorities/](This Blog) seems to suggest that it's possible but did not find details anywhere on the workflow.

Topics
Internet of Things (IoT)
Tags
AWS IoT Device ManagementAWS IoT Core
Language
English
asked 3 years ago803 views
1 Answer
1

Hi Ravi,

you can register a CA without having access to the private key in SNI_ONLY mode: https://docs.aws.amazon.com/iot/latest/developerguide/register-CA-cert.html

Cheers,
Philipp

AWS
EXPERT
answered 3 years ago
  • rePost-User-7689234
    3 years ago

    Ok, In this case does device need to send SNI in the TLS handshake? or its is applicable only when the device cert ( Not CA cert ) is registered as SNI_ONLY ?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content