Is it possible to register CA with AWS IoT Core without having access to Private Key ?


Let's say we are getting our device certificates signed by 3rd party CA e.g digicert. Can we register this 3rd party CA on AWS IoT Core for JITP without having access to Private Key ? As the registration process requires the proof of ownership. [](This Blog) seems to suggest that it's possible but did not find details anywhere on the workflow.

asked a year ago492 views
1 Answer

Hi Ravi,

you can register a CA without having access to the private key in SNI_ONLY mode:


answered a year ago
  • Ok, In this case does device need to send SNI in the TLS handshake? or its is applicable only when the device cert ( Not CA cert ) is registered as SNI_ONLY ?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions