aws-iot-builder-tools / iot-provisioning-secretfree

This solution enables you to define a process to decouple manufacturing from the provisioning process while assuring that private secrets do not have the opportunity to be exposed at any point throughout the supply chain, manufacturing, and on-boarding.
MIT No Attribution

Enable TLS endpoint authentication with certificates #20

Open rpcme opened 1 year ago

rpcme commented 1 year ago

In Section 3.3.1, it is defined that TLS server authentication by certificate is required to meet compliance. This would assume that the IoT device has some kind of provisioning certificate available.

rpcme commented 1 year ago

https://docs.aws.amazon.com/apigateway/latest/developerguide/getting-started-client-side-ssl-authentication.html

But there is no mention of whether or not this meets RFC 5280 conformance.