
I'm rather confused about self-signed certificates. I would be grateful if anyone can clear up my confusion.

I'm working with Amazon AWS IoT, and in order to create our own certificates on a device to communicate with the cloud, we must first create and register our own CA certificate.

We first create the CA private key, then the CA certificate, which is signed with that private key.

We then create a device private key and a device CSR with that private key.

We then combine the CA private key with the CA certificate and the device CSR to produce the device certificate which gets registered on the cloud for future comparison when the device wishes to connect to it securely.

Do we need to keep both private keys at this point (both the CA private key and the device private key)?

Can we even just throw away the private keys, because the device certificate and CA certificate are already generated?

Don't we just need to send the certificate to the cloud when initiating a secure connection and then the cloud uses the public keys to verify that it actually came from the device?

Engineer999

1 Answer


The CA private key that belongs to the self-signed certificate is only used to sign certificates and, possibly, to sign OCSP responses or CRLs. So besides signing (future) child certificates, it may also be required to establish the status of already issued certificates. If this is not expected to happen often, then you could store the private key away on an offline device or two, and put those in a safe. Don't forget to securely wipe the private key from the device that performed the signing, or keep that device itself safe. Note that issued certificates commonly have a shorter validity period than the root certificate; you may need to request subsequent certificates even for the same use case.

The device private key is required to perform device authentication. Of course, the other party first needs to establish that the device certificate is valid by performing verification (using the public key) and validation: checking the date, name and indeed certificate status. However, a certificate is public; it can be sent by anyone. The device is only authenticated after it proves that it contains or has access to the private key that belongs to the public key within the certificate. So some kind of authentication procedure must be followed, which commonly requires the private key to sign some kind of challenge. The signature over the challenge can then be verified by the other party. As nobody else should be able to create a signature over the (hopefully unique) challenge, the device is then considered authentic, i.e., the identity of the entity is affirmed. This does of course mean that the private key needs to be available to the device each time the identity needs to be established; it generally cannot be stored offline.

So no, you should not securely destroy the private keys while the certificates are valid.

Maarten Bodewes
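The following script is an added example, not part of the question or the answer above, and not AWS IoT's own tooling. It reproduces the procedure in the question (CA key, self-signed CA certificate, device key, CSR, CA-signed device certificate) with the openssl command line, then acts out the two things the answer separates: the cloud side validating the presented certificate against the registered CA, and the device proving possession of its private key by signing a fresh challenge. The subject names, file names and the hex-nonce challenge format are assumptions made for illustration; AWS IoT performs the equivalent proof of possession inside the TLS handshake rather than with an explicit challenge, but the requirement on the private key is the same. The script also shows what happens when somebody presents the (public) device certificate without the matching key, and when a previously captured signature is replayed against a new challenge.

```shell
#!/bin/sh
# Added example (not from the original post): CA -> device certificate chain
# with openssl, then chain validation and challenge-response proof of
# possession. File names, subject names and the challenge format are
# illustrative assumptions, not an AWS IoT protocol.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Step 1: CA private key and the self-signed CA certificate that gets
# registered with the cloud. This is the only time ca.key is created.
make_ca() {
    openssl ecparam -name prime256v1 -genkey -noout -out "$WORK/ca.key"
    openssl req -new -x509 -key "$WORK/ca.key" -sha256 -days 3650 \
        -subj "/CN=Example IoT CA" -out "$WORK/ca.crt" 2>/dev/null
}

# Steps 2 and 3: device private key, a CSR signed with that key, and the
# device certificate issued by signing the CSR with the CA key. Issuance is
# the only operation here that needs ca.key, so it can run on an offline box.
make_device() {
    openssl ecparam -name prime256v1 -genkey -noout -out "$WORK/device.key"
    openssl req -new -key "$WORK/device.key" -sha256 \
        -subj "/CN=device-0001" -out "$WORK/device.csr" 2>/dev/null
    openssl x509 -req -in "$WORK/device.csr" -CA "$WORK/ca.crt" \
        -CAkey "$WORK/ca.key" -CAcreateserial -sha256 -days 365 \
        -out "$WORK/device.crt" 2>/dev/null
}

# Cloud side, part 1: is the presented certificate chained to our CA and
# within its validity period? (No status check here; that would need a CRL.)
verify_chain() {  # $1 = presented certificate
    openssl verify -CAfile "$WORK/ca.crt" "$1" >/dev/null 2>&1
}

# Cloud side, part 2: a fresh random challenge (nonce) for this connection.
new_challenge() { openssl rand -hex 32; }

# Device side: sign the challenge with the device private key.
sign_challenge() {  # $1 = private key, $2 = challenge, $3 = signature file
    printf '%s' "$2" | openssl dgst -sha256 -sign "$1" -out "$3"
}

# Cloud side, part 3: take the public key out of the presented certificate
# and check the signature over the challenge we issued.
verify_response() {  # $1 = presented certificate, $2 = challenge, $3 = sig
    openssl x509 -in "$1" -pubkey -noout > "$WORK/presented.pub"
    printf '%s' "$2" | openssl dgst -sha256 -verify "$WORK/presented.pub" \
        -signature "$3" >/dev/null 2>&1
}

# Genuine device: holds device.key, presents device.crt.
authenticate_genuine() {
    c=$(new_challenge)
    sign_challenge "$WORK/device.key" "$c" "$WORK/genuine.sig"
    verify_response "$WORK/device.crt" "$c" "$WORK/genuine.sig"
}

# Impostor: copied the public device.crt but only has its own key.
authenticate_impostor() {
    openssl ecparam -name prime256v1 -genkey -noout -out "$WORK/impostor.key"
    c=$(new_challenge)
    sign_challenge "$WORK/impostor.key" "$c" "$WORK/impostor.sig"
    verify_response "$WORK/device.crt" "$c" "$WORK/impostor.sig"
}

# Impostor, second attempt: a self-signed certificate for its own key does
# not chain to the registered CA, so it fails before any challenge is sent.
verify_foreign_cert() {
    openssl req -new -x509 -key "$WORK/impostor.key" -sha256 -days 365 \
        -subj "/CN=device-0001" -out "$WORK/impostor.crt" 2>/dev/null
    verify_chain "$WORK/impostor.crt"
}

# Replay: a captured signature over an old challenge is useless against a
# fresh one, which is why the challenge must be unique per connection.
replay_old_signature() {
    sign_challenge "$WORK/device.key" "old-challenge" "$WORK/old.sig"
    verify_response "$WORK/device.crt" "$(new_challenge)" "$WORK/old.sig"
}

make_ca
make_device
verify_chain "$WORK/device.crt"
echo "chain: device.crt verifies against ca.crt"
authenticate_genuine
echo "genuine device: signature over fresh challenge verified"
authenticate_impostor || echo "impostor presenting copied device.crt: rejected"
verify_foreign_cert || echo "impostor self-signed certificate: rejected"
replay_old_signature || echo "replayed old signature: rejected"
```

Note where each key is touched: ca.key is used only inside make_device (issuance), so it can live offline and be brought out for the next device or for a CRL; device.key is used in every call to authenticate_genuine, i.e. on every connection, which is the answer's point that it cannot be stored away while the certificate is in use.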