G-SDK uses SSL/TLS X.509 certificates for secure communication. The certificates fulfill two functions. First, they can assist with authenticating and verifying the identity of a master gateway. Second, they enable the encryption of communication packets. Please note that the private keys should not be shared with anyone.

Server certificate

The following certificates are necessary for running a master gateway.

ca_cert
The root CA certificate in PEM format. You can create it using -c command line option. Your applications also need this file to authenticate the master gateway.
ca_key
The private key of the root CA in PEM format. It will be created with ca_cert.
server_cert
The server certificate of the master gateway in PEM format. You can create it using -c or -cs command line option. Your application will authenticate this certificate with the ca_cert.
server_key
The private key of the server certificate in PEM format. It will be created with server_cert.
admin_cert
The default client certificate with the tenant ID of ‘administrator’. You can create it using -c or -cs command line option. Your application will need the certificate and the below key to login to the master gateway as an administrator. See LoginAdmin and the quick start guide for the usage of this certificate.
admin_key
The private key of the administrator certificate in PEM format. It will be created with admin_cert.

Tenant certificate

tenant_xxx_cert
The client certificate with the specified tenant ID. You can create it using -ct command line option. Your application will need the certificate and the below key to login to the master gateway. See Login and the quick start guide for the usage of this certificate.
tenant_xxx_key
The private key of the tenant certificate in PEM format. It will be created with tenant_xxx_cert.

Gateway certificate

gateway_xxx_cert
The client certificate with the specified gateway ID. You can create it using -cg command line option. The device gateway will need the certificate and the below key to connect to the master gateway. See Certificates for configuring the related options for the device gateway.
gateway_xxx_key
The private key of the gateway certificate in PEM format. It will be created with gateway_xxx_cert.

Updated: