Reasons for certificate renewal
Certificates and keys are stored on your IoT device or a gateway for various purposes. For example, they may be used to increase security and trust when a device attempts to connect to online services.
As a part of the certificate life-cycle management, you probably want to instruct Device Management to extend the certificate expiration date on a device or a gateway.
Device certificates embed hardcoded expiration dates. When they expire, your device will no longer be able to connect to various services. Such services may include Device Management (LwM2M service) or your own specific services, for example DLMS or WiSUN, used for managing your devices.
The main reasons for initiating the certificate renewal are:
- The existing certificate has expired or is about to expire.
- The device was breached.
- You want to replace the certificate that was stored in the factory.
- You need to renew the issuer of the certificate.
You can store the certificates on the device as part of the factory provisioning process, as described on the Pelion Device Management Factory Provisioning documentation site or when provisioning development devices.