Authenticate and establish an encrypted channel

The process of authenticating and establishing an encrypted channel using certificate-based mutual authentication involves the following steps:

  1. During configuration, administrators provide a root CA certificate or a certificate chain used to sign certificates on client devices.

  2. The Edge Connect application deploys the certificate chain to the ‚ÄčAkamai‚Äč Platform.

  3. Once the signing CA certificates propagate across the ‚ÄčAkamai‚Äč Platform, client device can connect by using MQTT, HTTP, or WebSocket protocols and request access to a topic.

  4. The edge server presents its certificate to the client device.

  5. The client device checks its list of trusted CAs and verifies the server's certificate.

  6. If successful, the client device sends its certificate to the edge server.

  7. The edge server checks its list of CAs and verifies the client device's certificate.

  8. If successful, a secure connection between the server and the client device is established.