How to use tpm private key for TLS with IoT Hub SDK (Not TPM Attestation) - for DeviceAuthenticationWithX509Certificate

Question

How to use tpm private key for TLS with IoT Hub SDK (Not TPM Attestation) - for DeviceAuthenticationWithX509Certificate

rogrok opened this issue a year ago · 4 comments

Answer 1 · 2024-01-04T18:28:46.000Z

The documentation here https://learn.microsoft.com/en-us/dotnet/api/microsoft.azure.devices.client.deviceauthenticationwithx509certificate?view=azure-dotnet states that the Certificate private key should be in the store or in the object.

Certificate | Gets or sets the X.509 certificate associated with this device. The private key should be available in the X509Certificate2 object, or should be available in the certificate store of the system where the client will be authenticated from.

Answer 2 · 2024-01-08T17:25:33.000Z

Currently, we don't support this scenario. The only TPM-based authentication we support right now is symmetric key-based

Answer 3 · 2024-01-08T17:47:46.000Z

Thanks Tim, is there a plan to add this for future ?

Answer 4 · 2024-01-09T18:21:43.000Z

We don't have any immediate plans to add it, but it is possible we have time in the future to make this happen.