/technologies/industrial-automation-space/b/blog/posts/connect-to-avnet-iotconnect-io-with-node-red---part-9e-iiot-supply-chain-and-certificates---testFor context, check the intro post . Summary: How to use Signed Certificates in an IoT supply chain. Without giving away your private keys to your subcontractor.At the end of this post, you completed 90% of the end-to-end process.You, as subcontra...en-USTelligent Community 12https://community.element14.com/technologies/industrial-automation-space/b/blog/posts/connect-to-avnet-iotconnect-io-with-node-red---part-9e-iiot-supply-chain-and-certificates---testMon, 17 May 2021 16:37:33 GMT93d5dcb4-84c2-446f-b2cb-99731719e767:10be91e4-8385-4147-a1da-1da0ecd22995Jan Cumps0<p>I have done additional tests last weekend.</p><p>When I originally wrote this, I tried to see if the mechanism really checked if the signature matches a named device, and if at connection time it is validated if a device is signed by the expected certificate chain.</p><p>&nbsp;</p><p>I have now tried to see if I could spill over to another online entity (equals a company), if they happen to use the same Root CA provider.</p><p>That is also working as expected. Even if 2 companies share and register the same Root certificate, the connection is rejected when a thing tries to connect to the other company.</p><p>&nbsp;</p><p><span>[View:/resized-image/__size/930x33/__key/commentfiles/f7d226abd59f475c9d224a79e3f0ec07-10be91e4-8385-4147-a1da-1da0ecd22995/contentimage_5F00_207918.png:930:33]</span></p><p>&nbsp;</p><p><span>[View:/resized-image/__size/561x317/__key/commentfiles/f7d226abd59f475c9d224a79e3f0ec07-10be91e4-8385-4147-a1da-1da0ecd22995/contentimage_5F00_207919.png:561:317]</span></p><p>&nbsp;</p><p>Good.</p><img src="https://community.element14.com/aggbug?PostID=11155&AppID=141&AppType=Weblog&ContentType=0" width="1" height="1">