I’ve a custom cloud client implementation, where I use a TLSSocket to establish a MQTT network connection.
My mbed-os device does the following:
- Generates a rsa-keypair using the mbedtls library,
- Creates a CSR using the keypair
- Sends this CSR to the cloud using a secure restful api
- The restful api returns a client certificate.
By using the self-generated private key, client certificate received from the restful api, and hard-coded CA, we establish a MQTT network via TLSSocket.
How can I use a secure element (like atecc608a or infineon optiga-x) to increase the security of my device, base on my TLSSocket use case described above?