AWS IoT Core credential provider requires private key to be sent
0
I was reading through these docs and noticed that the steps to request a security token requires the client to send its private key to credential provider service.
curl --cert your certificate --key your device certificate key pair -H "x-amzn-iot-thingname: your thing name" --cacert AmazonRootCA1.pem https://your endpoint /role-aliases/your role alias/credentials
Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.
0
Accepted Answer
Hi,
The private key is never sent to the Credential Provider. It is used to establish a mutual (mTLS) connection with the endpoint. That gives Credential Provider the ability to verify the presented X.509 certificates.