Root of factories
If you have multiple factories, signing your factory Certificate Authority (CA) certificates with a common CA certificate, called the root of factories CA, enables devices that you manufacture in different factories to trust each other.
Using the root of factories tool
We recommend you use an established, trusted CA to sign your factory certificates; alternatively, you can set up Secure Factory root of factories services and use an HSM from the Secure Factory solution, with the help of the root of factories (rof) CLI tool located in the service-deployment/rof directory, to:
- Create a root of factories CA certificate.
- Sign factories CA certificate signing requests (CSRs) with the root of factories CA.
Note: Run all root of factories (rof) CLI tool commands from the service-deployment/rof directory.