Authenticate and establish an encrypted channel
The process of authenticating and establishing an encrypted channel using certificate-based mutual authentication involves the following steps:
-
During configuration, administrators provide a root CA certificate or a certificate chain used to sign certificates on client devices.
-
The Edge Connect application deploys the certificate chain to the Akamai Platform.
-
Once the signing CA certificates propagate across the Akamai Platform, client device can connect by using MQTT, HTTP, or WebSocket protocols and request access to a topic.
-
The edge server presents its certificate to the client device.
-
The client device checks its list of trusted CAs and verifies the server's certificate.
-
If successful, the client device sends its certificate to the edge server.
-
The edge server checks its list of CAs and verifies the client device's certificate.
-
If successful, a secure connection between the server and the client device is established.
Updated about 2 years ago