2

What is the best practice for certificate management on an IoT device (bare metal microcontroller with GSM modem that communicates to a secured MQTT broker)?

Looking at Let's Encrypt certbot, they have a 90-day expiry, then the certs should be updated. Should the certs also be sent via the existing secured MQTT connection when it is time for an update? What if the device was turned off for a long time and, when opened, it is already past the cert expiry? I learned that a self-signed certificate is a bad idea; however, using it would greatly simplify the certificate management, as the expiry date could be lengthened to many years.

I am wondering how the Wi-Fi cameras handle their certificate management.

1 Answer

2

There are multiple pieces here.

  1. You can make an HTTPS call and be sure of the server you're talking with, if you have the right valid root CA certificate. These are usually going to last 20 years. If you don't have one, you may still be able to make the call, but cannot be sure of the server.
  2. You could make such an HTTPS call to get a new device-specific certificate. The server then needs some way to know it's a valid device that is calling the HTTPS service to get a certificate. You could use your old certificate to generate the secret or use some other device-specific secret that you put in it when you made the device. Use a hash based on it. This is needed if it matters that it has to be your hardware. If not, this step can be relaxed a bit and a new certificate can be sent to the device without any device-specific secret. Maybe it's tied to a user account by generating a random number on the device, showing it to the user on the device UI and having the user put it into your web page. That way, the user is bringing in this device and you're trusting the user. The device then gets the certificate and works on behalf of the user from that point on.
kalyanswaroop
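The device-specific secret check from step 2 of the answer above, sketched as an added example that is not part of the original answer: the server issues a single-use nonce and the device returns an HMAC-SHA256 tag over its ID, the nonce and the hash of its certificate signing request, so renewal still works after the old certificate has expired. The function names, the message layout, the 120-second nonce lifetime and the sample secret are all assumptions.

```python
import hashlib
import hmac
import os
import time

NONCE_TTL = 120  # seconds a challenge stays valid (assumed value)

# Constructed sample data: per-device secrets provisioned at manufacture.
DEVICE_SECRETS = {"dev-0001": bytes.fromhex("00112233445566778899aabbccddeeff" * 2)}
_pending = {}  # nonce -> (device_id, issued_at); holds unanswered challenges


def issue_challenge(device_id, now=None):
    """Server: hand the device a fresh random nonce to authenticate against."""
    nonce = os.urandom(16)
    _pending[nonce] = (device_id, time.time() if now is None else now)
    return nonce


def device_tag(secret, device_id, nonce, csr):
    """Device: bind identity, nonce and the CSR into one HMAC-SHA256 tag."""
    ident = device_id.encode()
    # Length-prefix the variable-length ID so the fields cannot be confused.
    msg = len(ident).to_bytes(2, "big") + ident + nonce + hashlib.sha256(csr).digest()
    return hmac.new(secret, msg, hashlib.sha256).digest()


def verify_renewal(device_id, nonce, csr, tag, now=None):
    """Server: accept the CSR only if device, nonce and tag all check out."""
    now = time.time() if now is None else now
    issued = _pending.pop(nonce, None)  # pop makes every nonce single-use
    secret = DEVICE_SECRETS.get(device_id)
    if issued is None or secret is None:
        return False  # unknown or replayed nonce, or unknown device
    if issued[0] != device_id or now - issued[1] > NONCE_TTL:
        return False  # nonce issued to another device, or stale
    # Constant-time comparison avoids leaking how many tag bytes matched.
    return hmac.compare_digest(tag, device_tag(secret, device_id, nonce, csr))
```

The check does not depend on the old device certificate, only on the stored secret; the device still validates the server through the root CA on the HTTPS call, as in step 1.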