1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
0
Hi there!
Yes, an X.509 certificate created from a private key in an HSM can be used without going through the CSR step (part of general provisioning). At that point you are using the PKCS#11 interface to utilize the private key. This portion of the docs covers importing an existing key/cert to an HSM, but the steps for configuring Greengrass from step 3 forward will walk you through the config.yaml
, which should look like this when done:
system: certificateFilePath: "pkcs11:object=iotdevicekey;type=cert" privateKeyPath: "pkcs11:object=iotdevicekey;type=private" rootCaPath: "/greengrass/v2/rootCA.pem" rootpath: "/greengrass/v2" thingName: "MyGreengrassCore"
Greengrass will then use certificateFilePath
and privateKeyPath
for all AWS IoT operations (connect to IoT Core, AWS IoT Greengrass, and allowed Roles Alias).
répondu il y a 2 ans
Contenus pertinents
- demandé il y a 2 ans
- demandé il y a 2 mois
- demandé il y a 2 ans
- demandé il y a 2 ans
- AWS OFFICIELA mis à jour il y a un mois