In the home automation scenario, a smart gateway bridges the many smart devices to the Internet. In many cases, a server's public certificate is stored in the embedded system's ROM during manufacturing.
For example, in the case of the AlertMe gateway, each gateway device is manufactured with a unique ID. In addition, it also holds the public certificate of the AlertMe servers in ROM. On first boot, the gateway device generates a random RSA key pair, connects to the AlertMe servers, verifies the server's identity (using the ROM public certificate), and gives the server its random public key.
My question is: since in the SSL/TLS connection the server will send its certificate to the gateway, why does the gateway have to store a public certificate in the ROM before its first boot? If, as stated, it is for verification purposes, how does the gateway verify the server's identity? Does it just compare the certificate in the ROM with the server's certificate sent during the SSL handshake? Can't the embedded system contact the CA to verify the identity of the server?
Moreover, on first boot the gateway will generate an RSA key pair and then the certificate. Where is the safest place in a Linux-based gateway/embedded system to store the key?
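As an added example (not code from the question or from AlertMe), the following Python shows how a certificate held in ROM is actually used by a TLS client: it becomes the only trust anchor of the client context, so the server's certificate is accepted only if it chains to (or is) that anchor and carries the expected hostname, rather than being compared byte-for-byte. A SHA-256 fingerprint pin on the presented leaf is added as a second check for the case where the ROM holds a CA certificate rather than the server's own. The `PINNED_LEAF_SHA256` value and the DER bytes it is computed from are constructed placeholders; `cafile` is assumed to be the ROM certificate exported as PEM.

```python
"""Pinned-trust-anchor TLS client (added example, not from the original post)."""
import hashlib
import hmac
import socket
import ssl
from typing import Optional

# Constructed placeholder: on a real device this digest (or the full certificate)
# would be written to ROM at manufacturing time.
PINNED_LEAF_SHA256 = hashlib.sha256(b"constructed-placeholder-DER").hexdigest()


def cert_fingerprint(der_cert: bytes) -> str:
    """SHA-256 over the DER encoding, i.e. what `openssl x509 -fingerprint -sha256`
    prints, minus the colons."""
    return hashlib.sha256(der_cert).hexdigest()


def leaf_matches_pin(der_cert: bytes, pinned_hex: str = PINNED_LEAF_SHA256) -> bool:
    """Pin check: constant-time comparison of the presented leaf's digest with the ROM value."""
    return hmac.compare_digest(cert_fingerprint(der_cert), pinned_hex)


def make_pinned_context(cafile: Optional[str] = None) -> ssl.SSLContext:
    """Client context whose only trust anchor is the pinned certificate.

    The system CA store is deliberately NOT loaded, so a certificate issued by
    any public CA is rejected unless it chains to the pinned one. Hostname
    checking stays on, so another server that obtained a certificate from the
    same anchor is rejected as well.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = True
    if cafile is not None:
        ctx.load_verify_locations(cafile=cafile)  # the ROM certificate, as PEM
    return ctx


def context_is_strict(ctx: ssl.SSLContext) -> bool:
    """True if the context requires a verified chain, checks the hostname, and
    trusts no CA other than what was explicitly loaded."""
    return (ctx.verify_mode == ssl.CERT_REQUIRED
            and ctx.check_hostname
            and ctx.get_ca_certs() == [])


def connect_pinned(host: str, port: int, cafile: str) -> ssl.SSLSocket:
    """The connection a gateway would open on first boot.

    Chain validation against the pinned anchor and the hostname check happen
    inside the handshake; the fingerprint check afterwards covers the case
    where the anchor is a CA certificate rather than the server's own.
    """
    ctx = make_pinned_context(cafile)
    raw = socket.create_connection((host, port), timeout=10)
    tls = ctx.wrap_socket(raw, server_hostname=host)
    leaf_der = tls.getpeercert(binary_form=True)
    if leaf_der is None or not leaf_matches_pin(leaf_der):
        tls.close()
        raise ssl.SSLError("server certificate does not match the pinned fingerprint")
    return tls
```

Note that `make_pinned_context` never calls `load_default_certs()`: if the device trusted the public CA bundle as well, the ROM certificate would add nothing, because any CA in that bundle could issue a certificate for the server's name. The anchor in ROM is also what makes "contacting the CA" unnecessary: without some pre-installed trust the device could not verify the CA's answer either.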
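For the storage question, this added example (again not from the post) shows the file-level part of keeping a generated private key on a Linux gateway: the key file is created with mode 0600 from the first instant (no window in which it is world-readable), an existing key is never silently overwritten, and a check function refuses to use a key whose permissions or ownership have drifted. The PEM contents used in `self_check` are a constructed placeholder, and `directory` defaults to a temporary directory; on a real device it would be a directory owned by the service account that runs the gateway.

```python
"""Private-key-at-rest helpers for a Linux gateway (added example, not from the original post)."""
import os
import stat
import tempfile
from typing import Dict, Optional


def write_private_key(path: str, pem: bytes) -> None:
    """Create `path` with mode 0600 atomically with its creation, refuse to
    overwrite an existing key (O_EXCL), and flush to stable storage."""
    old_umask = os.umask(0o077)  # belt-and-braces with the explicit mode below
    try:
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    finally:
        os.umask(old_umask)
    with os.fdopen(fd, "wb") as f:
        f.write(pem)
        f.flush()
        os.fsync(f.fileno())


def key_file_is_private(path: str) -> bool:
    """Pre-use check: a regular file (not a symlink), owned by the current
    user, with no group/other permission bits."""
    st = os.lstat(path)
    return (stat.S_ISREG(st.st_mode)
            and st.st_uid == os.geteuid()
            and (st.st_mode & 0o077) == 0)


def self_check(directory: Optional[str] = None) -> Dict[str, bool]:
    """Exercise the helpers and return what happened, for a boot-time self-test."""
    directory = directory or tempfile.mkdtemp(prefix="gw-key-")
    path = os.path.join(directory, "gateway.key")
    # Constructed placeholder; a real gateway writes the PEM of the key pair it generated.
    pem = b"-----BEGIN PRIVATE KEY-----\nconstructed-placeholder\n-----END PRIVATE KEY-----\n"
    result: Dict[str, bool] = {}
    write_private_key(path, pem)
    result["private_after_write"] = key_file_is_private(path)
    try:
        write_private_key(path, b"attempted second write")
        result["overwrite_refused"] = False
    except FileExistsError:
        result["overwrite_refused"] = True
    with open(path, "rb") as f:
        result["content_intact"] = f.read() == pem
    os.chmod(path, 0o644)  # simulate permission drift
    result["drift_detected"] = not key_file_is_private(path)
    return result
```

The file permissions are the minimum, not the whole answer: a key that must survive physical access to the device needs hardware-backed storage (a TPM or secure element), which these helpers do not provide.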