Architecture for Generating Key Pairs

Looking for input and advice!

Many systems, (Google IoT Core MQTT clients, as an example), use a public key for authenticating clients. Ideally, these keys are generated on-device during an initial boot procedure.

What do you do in your architecture to handle these?

Thanks for your input,

A.

Hi Adam, whatever is used to generate the keys can run on your application container. Have you found any problem with that approach?

I’m asking a larger question. Generating keys isn’t difficult. But what are people’s thoughts on getting the public key into your infrastructure, for example?