DinGoCA.pem

(/opt/GoIoT/DinGo/bin/ssl/DinGoCA.pem)

This file is installed with the DINGO-Stack package.

This is the public DINGO root CA certificate. A CA (certificate authority), is an entity that issues digital certificates, signed by its root CA certificate. It acts as a trusted third party, between the owner of a certificate and the party relying upon the certificate.

In specific terms, this means that the DINGO device has its own root CA certificate. It will then generate HTTPS certificates, that are used to secure the DINGO-Stack web services, and signed by the root CA certificate. The browsers on the remote devices, need to trust these HTTPS certificates, and do so by first downloading the DINGO root CA certificate and installing it into its trusted CA repositories.

When the root CA certificate is generated by /opt/GoIoT/DinGo/bin/ssl/rn_create_root_certificate.sh, it is also copied to /var/www/DingoWSClient/DinGoCA.pem so that it can be downloaded via the DINGO-Stack web server at this location: http://some-ip-address/DinGoCA.pem

Note: The HTTPS certificates are generated by using both the private DinGoCA.key and public DinGoCA.pem. This means that others can not generate trusted HTTPS certificates without the private key, which means it must not be downloadable or otherwise compromised.