Use the Secure Key Injection Protocol in Certificate Manager
This article includes updates for CM 8.6.1.
This article describes the process of how to use a secure key injection protocol (SKIP) for constrained devices in Smart ID Certificate Manager (CM). Such a device is only required to generate an initial factory key pair and the rest of the required key pairs are generated and provided by Certificate Manager.
The protocol consists of a single request and response exchange.
- The request contains a single PKCS#10 encoded certificate signing request with the initial factory public key.
- The response contains a CMS SignedData type with the generated key pairs and issued certificates.