• 15
name

A PHP Error was encountered

Severity: Notice

Message: Undefined index: userid

Filename: views/question.php

Line Number: 191

Backtrace:

File: /home/prodcxja/public_html/questions/application/views/question.php
Line: 191
Function: _error_handler

File: /home/prodcxja/public_html/questions/application/controllers/Questions.php
Line: 433
Function: view

File: /home/prodcxja/public_html/questions/index.php
Line: 315
Function: require_once

name Punditsdkoslkdosdkoskdo

How to embed a tls certificate into an IOT device

We need to protect the authentication process to devices we produce. Since these devices are installed in the customer (typically a non professional) network, we can't get a regular tls certificate from a CA. Is there a way to get a trusted certificate in such an environment?

Given that the device will not usually have a public domain name you cannot get a certificate from a public CA for it. And, even if it has a public domain name it is usually in control of the customer and not you so you cannot get a public certificate for it either.

The common approach is to create a unique self-signed certificate for each device and expect the user to add an certificate exception. Additionally a way for the customer to upload his own certificate should be provided so that the customer can integrate the device better into his own infrastructure.

  • 0
Reply Report

It depends on whether you need to assume all responsibility for the security or you allow the customer to do this.

If you need to take responsibility, you can go down the path of private intermediate and root CA. There are two options - create your own or use a vendor such as DigiCert. I would recommend the latter even though there are upfront and maintanence costs.

  • 0
Reply Report

Trending Tags