A device is manufactured with a bootstrapping certificate, an unconfigured symphony agent, and a rendezvous endpoint. When device boots, it contacts the rendezvous endpoint to exchange for a working certificate (after device attestation). The device is registered with Symphony as a Target with proper configuration pushed to the target.
Communication between agent and API uses mutual certificate authentication.
A device is manufactured with a bootstrapping certificate, an unconfigured symphony agent, and a rendezvous endpoint. When device boots, it contacts the rendezvous endpoint to exchange for a working certificate (after device attestation). The device is registered with Symphony as a Target with proper configuration pushed to the target. Communication between agent and API uses mutual certificate authentication.