Store Private key for X.509 based DPS securely on HSM
Use the X.509-based enrollment in DPS in IoTEdge without storing the private key on file system.
The idea is to store the Private Key in a HSM and let it never leave.
At this moment, the x.509 provisioning mode only supports a private key on the file system...
Kevin Saye commented
I have Windows partners who are standardizing on certs backed in TPM. This would help them tremendously in their security posture and their standardization.