The adoption of non-certified Internet of Things (IoT) devices can expose the system to cyber attacks that can disrupt IoT-based applications or generate fake data. At the same time, complex cryptographic approaches cannot be adopted due to the limited computational and power resources of IoT devices. In the literature, the certification of IoT devices is performed through a Certification Authority (CA) that generates and stores certificates for all the IoT nodes. Usually, CA is hosted in remote sites (e.g., in the Cloud or the IoT service administrator’s private network) and this exposes the IoT ecosystem to attacks. This paper overcomes these challenges by proposing a new Broker based certification process which decouples at the Edge the communication between IoT devices and the CA. Acting as an “intermediary”, the Mobile Edge Computing (MEC) node shields the communication between untrusted IoT devices …