Announcement: Certificate Updates for Watson IoT Platform
  • Internet of Things Platform
  • Germany
    United Kingdom
    US South
  • Description
    We are going to make changes to the Watson IoT Platform in relation to security. These changes impact some endpoints communicating using TLS over MQTT to the Watson IoT Platform. It is referred to as the IoT messaging service. The certificate associated to this service is called the Messaging Certificate and is signed by a reputable certificate authority. The domain used on the messaging certificate is *messaging.internetofthings.ibmcloud.com. The Watson IoT Platform has a certificate signed by a reputable certificate authority, so you can trust that you are connecting to the genuine Watson IoT Platform. This information is also captured in our official security documentation.

    The current Messaging Certificate is expiring – this is the reason for this announcement and the planned replacement of that certificate. This change is standard practice and should cause minimal disruption to your interactions with the Watson IoT Platform.

    We have identified a few instances where you might have to take action based on these changes. Specifically, if you are using certain client runtimes then they might need to be updated with the latest credentials (messaging.pem file).

    Key points:
    • These changes only affect devices that connect with TLS.
    • If your devices are using the current Digicert public certificates to verify our certificate, which is the best practice, then everything will continue to work.
    • If you have hard-coded the current Messaging public key into your client code and you are using it to check the connection to our server, then you will have issues after these changes.
    • We recommend that you follow the best practice (point 2 above).
    The previous information and supporting guidance has already been posted in a IBM Cloud platform notification.

    This information originated in the Notice: Certificate Updates for Watson IoT Platform article within the Bluemix blog.