Since its launch back in 2015, AWS IoT has been a hit with users worldwide. Today AWS is making this service even more flexible by introducing just-in-time certificate registration for devices.
In short, you no longer have to create a database to keep track of certificates and their matching devices. Instead, you register each device with a certificate during its initial communication. This makes it simple to create a system for millions of devices.
To begin with, you must have a CA (Certificate Authority) certificate. Then the process goes like this:
- Register and activate the CA certificate.
- Use this certificate to create and sign the certificates you will use per device.
- Let the device present the certificate to AWS and then activate it.
- Finally, use an AWS Lambda function to notify you when a new certificate is presented to AWS. It can also activate the certificate and handle any registration or initialization.
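One way to write the Lambda function from the last step, as an added example that is not code from the original post or from AWS: it activates a certificate only if it was signed by a CA you registered and is still pending activation. It assumes the event carries the `certificateId`, `caCertificateId` and `certificateStatus` fields of the AWS IoT certificate-registration message; the CA id and policy name are constructed placeholders.

```python
import re

# Constructed placeholders (not from the page): the id of the CA certificate
# you registered, and an IoT policy you created beforehand.
TRUSTED_CA_IDS = {"a" * 64}
DEVICE_POLICY = "ExampleDevicePolicy"
CERT_ID_RE = re.compile(r"^[0-9a-f]{64}$")


def decide(event, trusted_ca_ids=TRUSTED_CA_IDS):
    """Return (ok, reason) for a certificate-registration event."""
    cert_id = event.get("certificateId", "")
    if not isinstance(cert_id, str) or not CERT_ID_RE.match(cert_id):
        return False, "malformed certificateId"
    if event.get("caCertificateId") not in trusted_ca_ids:
        return False, "unexpected CA"
    if event.get("certificateStatus") != "PENDING_ACTIVATION":
        return False, "not pending activation"
    return True, "ok"


def handler(event, context=None, iot=None):
    """Lambda entry point; `iot` is injectable so the logic can be tested offline."""
    ok, reason = decide(event)
    if not ok:
        print(f"refusing to activate: {reason}")
        return {"activated": False, "reason": reason}
    if iot is None:
        import boto3  # provided by the Lambda runtime
        iot = boto3.client("iot")
    cert_id = event["certificateId"]
    # Re-read the certificate from AWS IoT instead of trusting the event alone.
    desc = iot.describe_certificate(certificateId=cert_id)["certificateDescription"]
    if (desc["status"] != "PENDING_ACTIVATION"
            or desc.get("caCertificateId") not in TRUSTED_CA_IDS):
        return {"activated": False, "reason": "state mismatch"}
    # Attach a least-privilege policy, then activate the certificate.
    iot.attach_policy(policyName=DEVICE_POLICY, target=desc["certificateArn"])
    iot.update_certificate(certificateId=cert_id, newStatus="ACTIVE")
    return {"activated": True, "reason": "ok"}
```

The Lambda's execution role needs only `iot:DescribeCertificate`, `iot:AttachPolicy` and `iot:UpdateCertificate`.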