Manufacturing PKI

Nexus' PKI solutions for general IoT applications include issuing factory certificates for identification of devices from start, and issuing certificates for secure communication with or between devices in IoT applications.

Use cases

IoT device certificates

Nexus' PKI solution for IoT can issue operational certificates to devices in various IoT applications. Multiple interfaces are supported for various use cases, see Certificate Manager interfaces. For example, by using the available REST API, it is easy to implement standard certificate management functions. 

Factory certificates

Nexus' Smart ID solution IoT PKI can act as a factory CA to issue factory certificates to devices, in connection with large platforms with built-in CA.

For more information, see Device factory certificates. 

IoT certificates as a service

Nexus GO IoT is a service for issuing and managing PKI certificates for secure identification of IoT devices. It’s easy to get started with the Nexus GO IoT service, and it can be used for different types of certificates for your IoT devices, such as factory certificates and operative certificates. You can access the service using standard protocols. Nexus GO IoT is based on best practices and long-time expertise in delivering PKI. 

Device factory certificates

A factory certificate is used to identify a device when initially deployed at the customer site and can then request its operational certificate from a customer-selected certificate authority (CA). The device can then use its operational certificate to establish secure connections in the network and be trusted for the intended operation. 

The device maker prepares devices with OS, firmware, and so on, and connects to a factory CA for each device to obtain a unique certificate of long validity. Multiple certificate enrollment interfaces are supported by Nexus' IoT solutions solution. 

For a complete description of the available interfaces to Certificate Manager, see Certificate Manager interfaces.