Other Parts Discussed in Thread: UNIFLASH
Hi,
I'm using a Self-Signed Root CA to issue Vendor/Leaf Certificates to connect devices to an IOT-hub on Azure. To improve the security, I want to add an Intermediate CA that can be switched out if necessary. From my understanding, only the Root CA needs to be in the Cert Catalog (in DER format, without extension, and with its name exactly as its "issued to" field).
Since I have already locked the OTP, I simply tried adding the InterCA to the file system and installed it on the server. This returned: "Connection Not Accepted: 0x5: Not Authorized". When I tried the Dummy Certs, it only worked with a Dummy Intermediate Cert. Which leads me to think that the Intermediate Cert also need to be in the Catalog.
Is this the case? If so, then switching them out will not be possible. Or am I missing something here?
Would love some help here, thanks in advance!
Kind Regards
David