Cumulocity IoT Feedback Portal
Add new feedback Subscribe
Status Planning / planned
Workspace Cumulocity IoT Platform Services
Categories Authentication & Authorisation
Created by Guest
Created on May 6, 2021

RELATED FEEDBACK

Device Certificate Authentication - Support CRL/OCSP

In devicemanagement, one can onboard devices with a certificate but after onboarding, there is no possibility to authenticate with certificates.

It would be a big added value for security and management of our clients, since no credentials would be needet.

The big issue with device onboarding with certificates is the missing CRL or OCSP. For both usecases (onboarding and authentication) CRL and/or OCSP is a must, since without this funcionality, there is no possibility to revoke compremiced certificates

  • Attach files
  • Admin
    Nikolaus Neuerburg
    Reply
    |     May 6, 2021

    Thanks a lot for the feedback.

    Supporting CRL or OCSP to be able to revoke individual certificates is an important feature on our backlog.

    What do you refer to with "there is no possibility to authenticate with certificates". A device is able at any time to authenticate to the platform using its individual certificates. Details are described here: https://cumulocity.com/guides/device-sdk/mqtt/#device-certificates