AWS IoT Core凭据提供程序需要发送私钥。

0

【以下的问题经过翻译处理】我正在阅读这些文件，并注意到请求安全令牌的步骤需要客户端向凭证提供程序服务发送其私钥。

这在以下文档中有提到： https://docs.aws.amazon.com/iot/latest/developerguide/authorizing-direct-aws.html https://aws.amazon.com/blogs/security/how-to-eliminate-the-need-for-hardcoded-aws-credentials-in-devices-by-using-the-aws-iot-credentials-provider/

乍一看，我认为这是一个安全漏洞，会破坏首次使用非对称密钥的目的。

如果有人能解释一下这个操作，我将不胜感激。

Topics

Internet of Things (IoT)Security, Identity, & Compliance AWS Well-Architected Framework

Tags

AWS IoT Core Device Security Security

Language

中文 (简体)

EXPERT

rePost Polyglot

asked 6 months ago30 views

1 Answer

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

0

【以下的回答经过翻译处理】你好，

私钥 永远不会 被发送到凭证提供程序。它用于与终点建立相互认证 (mTLS) 连接。这使得凭证提供程序能够验证呈现的 X.509 证书。

EXPERT

rePost Polyglot

answered 6 months ago

Relevant content

电子邮件可以收取但无法发送邮件
Accepted Answer
rePost-User-6394659
asked a year ago
The AWS Lambda program sometimes fails to trigger, while other times it works correctly.
Accepted Answer
HaydenLuo
asked 6 months ago
多网络接口，多ip地址配置路由策略，从那个公网ip进入就从对应的ip出去。
rePost-User-8489725
asked a year ago
sagemaker美国人口普查数据在中国宁夏区下载提示拒绝访问
LiuChuang
asked a year ago
How can I use JITP with AWS IoT Core?
AWS OFFICIALUpdated 2 years ago
How do I manage the log levels of my AWS IoT logs in AWS IoT Core?
AWS OFFICIALUpdated 5 months ago
How do I troubleshoot a disconnection with a "SERVER_INITIATED_DISCONNECT" message in AWS IoT Core?
AWS OFFICIALUpdated 8 months ago
How do I configure logging levels dynamically for specific resources in AWS IoT Core?
AWS OFFICIALUpdated a year ago
Combining AWS IoT Core with Step Functions to optimize IoT Data ingestion and consumption
EXPERT
Charlyscott237
published 4 months ago
Connect and Publish to AWS IoT Core using the AWS SDK for .NET
EXPERT
Kai Dickman
published 7 months ago