This offer is only addressed to commercial customers including freelancers and entrepreneurs. All prices are exclusive of value added tax (VAT).
  • Share via email
  • Subscribe to blog alert

Bosch IoT Hub: support for multiple tenants using the same trusted CA certificate

The new release of Bosch IoT Hub, the device connectivity layer of Bosch IoT Device Management, comes with the following improvements:

Support for multiple tenants using the same trusted CA certificate

Until now, the CA certificate was tenant-unique and could be used only within the scope of a single subscription. This was a strict requirement when authenticating with client certificates. However, large-scale organizations may have multiple tenants within their setups, such as separate tenants for development, testing, and production purposes. As device authentication may be needed through the different stages, and respectively tenants, Bosch IoT Hub has simplified the workflow by allowing the possibility to authenticate multiple tenants with a single organization-wide CA certificate.

This CA certificate sharing is realized by creating a trusted group where you provide the tenant IDs of the tenants that will be allowed to share the CA certificate. When the CA certificate is unique per tenant, the identification of tenant ID during device authentication is fulfilled based on the subject-dn of the CA certificate. Tenant grouping, on the other hand, enables a client organization to share a CA certificate between different tenants. In such cases, the identification of tenant ID during device authentication is fulfilled based on the Server Name Indication (SNI) during the TLS handshake. For that purpose, the unique tenant identifier tenant-alias must be provided as a prefix to the SNI.