Hello @Somiya,
IoT Edge certificates are used by the modules and downstream IoT devices to verify the identity and legitimacy of the IoT Edge hub runtime module. These verifications enable a TLS (transport layer security) secure connection between the runtime, the modules, and the IoT devices. Like IoT Hub itself, IoT Edge requires a secure and encrypted connection from IoT downstream (or leaf) devices and IoT Edge modules. To establish a secure TLS connection, the IoT Edge hub module presents a server certificate chain to connecting clients in order for them to verify its identity.
This article explains how IoT Edge certificates can work in production, development, and test scenarios.
Understand how Azure IoT Edge uses certificates
You may also use certificates to authenticate your IoT Edge device to IoT Hub. Those authentication certificates are different. For more information about authenticating your device with certificates, see Create and provision an IoT Edge device using X.509 certificates.
Device identity certificates are only used for provisioning the IoT Edge device and authenticating the device with Azure IoT Hub. They aren't signing certificates, unlike the CA certificates that the IoT Edge device presents to modules or leaf devices for verification. For more information, see Azure IoT Edge certificate usage detail.
Please comment in the section below to get more help in this matter; we are happy to help you further.
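The chain verification described in the answer above, as an added example that is not part of the original answer or of IoT Edge's own tooling: it builds a throwaway PKI with `openssl`, verifies a hub server certificate through an Edge CA, and shows that a certificate issued by a non-signing identity certificate is rejected. All names and files are constructed, and the identity certificate being issued with `CA:FALSE` is an assumption.

```shell
#!/usr/bin/env bash
# Added example: constructed demo PKI. All names, keys and files are made up.
set -eu

issue() {  # issue <name> <CN> <issuer> <ext-section>, run inside the PKI dir
  openssl req -new -newkey rsa:2048 -nodes -config pki.cnf -subj "/CN=$2" \
    -keyout "$1.key" -out "$1.csr" 2>/dev/null
  openssl x509 -req -in "$1.csr" -days 1 -CA "$3.pem" -CAkey "$3.key" \
    -CAcreateserial -extfile pki.cnf -extensions "$4" -out "$1.pem" 2>/dev/null
}

build_demo_pki() {  # build_demo_pki <empty-dir>
  (
    cd "$1"
    cat > pki.cnf <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[ca_ext]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[leaf_ext]
basicConstraints = critical,CA:FALSE
keyUsage = critical,digitalSignature,keyEncipherment
EOF
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config pki.cnf \
      -extensions ca_ext -subj "/CN=demo-root-ca" \
      -keyout root.key -out root.pem 2>/dev/null
    issue edgeca   "demo-edge-ca"   root     ca_ext    # signing CA on the Edge device
    issue hub      "demo-edgehub"   edgeca   leaf_ext  # server cert the hub presents
    issue identity "demo-device-id" root     leaf_ext  # identity cert (assumed CA:FALSE)
    issue rogue    "demo-rogue"     identity leaf_ext  # issued by a non-CA cert
  )
}

chain_ok() {  # chain_ok <dir> <intermediate> <leaf>: 0 if leaf chains to the root
  openssl verify -CAfile "$1/root.pem" -untrusted "$1/$2.pem" "$1/$3.pem" \
    >/dev/null 2>&1
}

d=$(mktemp -d)
build_demo_pki "$d"
chain_ok "$d" edgeca hub && echo "hub cert via Edge CA: accepted"
chain_ok "$d" identity rogue || echo "cert issued by identity cert: rejected"
rm -rf "$d"
```

A client that trusts only the root accepts the hub certificate because the intermediate carries `CA:TRUE` and `keyCertSign`; the same client rejects anything chained through the identity certificate.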