1 Answer
- Newest
- Most votes
- Most comments
1
Hi. That old re:Post question talks about TLS1.2 because AWS IoT Core did not support TLS1.3 at that time. Unfortunately it's still the case that AWS IoT Core does not currently support TLS session resumption. For any TLS version.
Relevant content
- asked 8 months ago
- Accepted Answerasked a year ago
- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated a year ago
Thank you Greg. That is unfortunate news, but we must go on with it. Would you recommend some of the (63 for "mqtt" search) AWS Marketplace offerings instead? Our usage is very moderate, so IoT Core is almost free for us. But having TLS resumption is more important now. And QoS 2 would be nice too, if we're already at an alternative path.
Do you have flexibility on the key algorithm? You can reduce the overhead by using ECDSA-P256, to minimize the certificate size. You might also consider custom authentication to avoid the use of certificates altogether: https://docs.aws.amazon.com/iot/latest/developerguide/custom-authentication.html. I don't have any recommendations among the marketplace offerings.