Manage your CA certificates - Amazon IoT Core
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Manage your CA certificates

This section describes common tasks for managing your own certificate authority (CA) certificates.

You can register your certificate authority (CA) with Amazon IoT if you are using client certificates signed by a CA that Amazon IoT doesn't recognize.

If you want clients to automatically register their client certificates with Amazon IoT when they first connect, the CA that signed the client certificates must be registered with Amazon IoT. Otherwise, you don't need to register the CA certificate that signed the client certificates.


A CA certificate can be registered in DEFAULT mode by only one account in a Region. A CA certificate can be registered in SNI_ONLY mode by multiple accounts in a Region.