Skip to main content

Device Trust Manager

Welcome to DigiCert® Device Trust Manager. Device Trust Manager is your all-in-one solution for securing IoT devices.


DigiCert® Device Trust Manager is currently in development and not all features are available in this early access environment. Learn more about Device Trust Manager early access functionality.


Device Trust Manager helps OEMs comply with various IoT cybersecurity regulations, which often require:

  • Utilizing certificates for identity and authentication.

  • Employing robust encryption to monitor, disclose, and address vulnerabilities.

  • Performing remote updates.

System architecture

Understanding the system architecture of Device Trust Manager is crucial for effective device management and setting up your device. The TrustEdge agent, powered by DigiCert’s TrustCore SDK, communicates with Device Trust Manager Rendezvous Service over MQTT 5.0 and TLS 1.3. To better understand the system architecture, review the diagram below.TrustCore SDK

Figura 1. Device Trust Manager system architecture
[en] Device Trust Manager system architecture

Key components

  • Rendezvous service: A scalable MQTT endpoint that can be horizontally scaled and geographically distributed to handle numerous devices. It facilitates communication between devices and Device Trust Manager backend and microservices.

  • Integration: Device Trust Manager runs on the DigiCert ONE platform and integrates with other DigiCert managers.


Integrations with external services and platforms (such as EJBCA, SIEM tools, and AWS IoT Core) are possible, but not currently available in the early access environment.

OEMs can integrate their connected product software with Device Trust Manager via the Device Trust Manager REST APIs.

Set up your Raspberry Pi 4

Congratulations on your new Raspberry Pi 4 equipped with the TrustEdge agent powered by DigiCert's TrustCore SDK. We are thrilled to have you join us in the Device Trust Manager early access demo environment. This is an exciting opportunity to get your device up and running with cutting-edge management tools that are in active development.TrustCore SDK

Device Trust Manager early access environment provides an opportunity for users to test new features, though it comes with some current limitations. As development progresses, you can expect enhancements and expanded functionalities.

Known issues and limitations

  • Static data on dashboards: Currently, the dashboard and vulnerabilities pages display static data. We are working to support real-time data in future releases.

  • Network configuration limits: TrustEdge agent uses TCP port 1883 by default. We plan to add support for TCP port 8883 soon.

  • Certificate policy management: Integration with IoT Trust Manager, allowing you to create and edit Certificate Policies, will be available shortly.

  • OS and platform support: TrustEdge agent is currently supported on Debian Linux only. We are planning to add support for more operating systems and RTOS platforms. Please let us know which platforms you would like us to prioritize!

  • Supported artifacts: For now, only Device Configuration software artifacts are supported. We will include support for other artifact types, such as firmware updates, in future updates.

  • SBOM integration: Support for Software Bill of Materials (SBOM) will be integrated later this year with Software Trust Manager.

  • Unfinished UI components: Several navigation bar pages are still under development and will be filled out soon.

  • Email notifications: Functionality for email notifications is in development and will be introduced soon.

If you have questions or feedback, feel free to join our Slack channel. Your insights are invaluable as we continue to improve the Device Trust Manager.