1 回答
- 最新
- 投票最多
- 评论最多
2
Hi. This is an aspect of mutual TLS rather than anything specific to AWS IoT Core. Please refer to this high level description of the sequence: https://en.wikipedia.org/wiki/Transport_Layer_Security#Client-authenticated_TLS_handshake
In particular:
The client sends a CertificateVerify message, which is a signature over the previous handshake messages using the client's certificate's private key. This signature can be verified by using the client's certificate's public key. This lets the server know that the client has access to the private key of the certificate and thus owns the certificate.