Updating public key certificates in network devices using a blockchain network

The invention claimed is: 1. A method comprising: accessing, by a first network device that is new to a communication network and in a non-provisioned state, a blockchain network, wherein the first network device in the non-provisioned state includes a first public key certificate, and wherein the communication network comprises a plurality of network devices that participate in the blockchain network; determining, by the first network device in the non-provisioned state, whether the first public key certificate included in the first network device is later than a second public key certificate retrieved from a distributed ledger in the blockchain network; in response to determining that the first public key certificate is later than the second public key certificate, generating, by the first network device, a first transaction that records first location information of the first public key certificate in the distributed ledger; obtaining, by the first network device, provisioning information from the blockchain network for placing the first network device in a provisioned state; receiving, by the first network device, a second transaction in the distributed ledger, wherein the second transaction comprises second location information of a new public key certificate; verifying, by the first network device using a smart contract, whether: the new public key certificate is valid; and the new public key certificate is different from a previously recorded public key certificate in the distributed ledger; and in response to successful verification by at least a predefined number of network devices of a collection of network devices including the first network device and the plurality of network devices, recording, by the first network device, the second transaction in a copy of the distributed ledger in the first network device. 2. The method of claim 1 , comprising: generating, by an authoritative network device, the second transaction in the distributed ledger, wherein the authoritative network device is part of the plurality of network devices. 3. The method of claim 2 , wherein the authoritative network device provides a cloud-based service in the communication network, and the provisioning information is provided by the cloud-based service that participates in the blockchain network. 4. The method of claim 2 , comprising: receiving, by the authoritative network device, the new public key certificate from an administrator; and storing, by the authoritative network device, the new public key certificate in an Inter Planetary File System (IPFS) prior to generating the second transaction in the distributed ledger. 5. The method of claim 4 , wherein the second location information of the new public key certificate comprises an IPFS link corresponding to the new public key certificate. 6. The method of claim 1 , wherein the verifying of whether the new public key certificate is valid comprises verifying whether: the new public key certificate has a valid expiry date; the new public key certificate has not been revoked; and a common name (CN) of the new public key certificate matches a CN of a previously deployed public key certificate in each of the plurality of network devices. 7. The method of claim 1 , wherein the verifying using the smart contract comprises verifying whether a source that generated the second transaction is a valid source. 8. The method of claim 1 , comprising: retrieving, by the first network device, the second location information of the new public key certificate from the second transaction recorded in the distributed ledger; obtaining, by the first network device, the new public key certificate using the second location information; and storing, by the first network device, the new public key certificate. 9. The method of claim 1 , wherein the new public key certificate comprises a root certificate authority (CA) certificate or an intermediate certificate. 10. The method of claim 1 , wherein the provisioning information is determined by a blockchain management system using the smart contract. 11. The method of claim 10 , wherein the provisioning information comprises information about a configuration device, and the method further comprises: retrieving, by the first network device, configuration setting information from the configuration device; and configuring the first network device using the configuration setting information. 12. A blockchain network comprising: a plurality of network devices deployed in a communication network, wherein the plurality of network devices are participants in the blockchain network; a further network device comprising a processor and a machine-readable medium storing instructions that, when executed on the processor, cause the further network device to: access, by the further network device that is new to the communication network and in a non-provisioned state, the blockchain network, wherein the further network device in the non-provisioned state includes a first public key certificate; determine, by the further network device in the non-provisioned state, whether the first public key certificate included in the further network device is later than a second public key certificate retrieved from a distributed ledger in the blockchain network; in response to determining that the first public key certificate is later than the second public key certificate, generate a first transaction that records first location information of the first public key certificate in the distributed ledger; obtain provisioning information from the blockchain network for placing the further network device in a provisioned state; receive, at the further network device, a second transaction in the distributed ledger, wherein the second transaction comprises second location information of a new public key certificate; verify, using a smart contract, whether: the new public key certificate has a valid expiry date; the new public key certificate has not been revoked; a common name (CN) of the new public key certificate matches a CN of a previously deployed public key certificate in each of the plurality of network devices; and the new public key certificate is different from a previously recorded public key certificate in the distributed ledger; and in response to successful verification, provide, from the further network device, a consent to record the second transaction in the distributed ledger. 13. The blockchain network of claim 12 , wherein the plurality of network devices comprises an authoritative network device to generate the second transaction. 14. The blockchain network of claim 13 , wherein the authoritative network device provides a cloud-based service in the communication network, and the provisioning information is provided by the cloud-based service that participates in the blockchain network. 15. The blockchain network of claim 12 , wherein the second location information of the new public key certificate comprises an Inter Planetary File System (IPFS) link corresponding to the new public key certificate stored in an IPFS. 16. The blockchain network of claim 12 , wherein the instructions, when executed on the processor, cause the further network device to: verify, using the smart contract, whether a source that generated the second transaction is a valid source. 17. The blockchain network of claim 12 , wherein the instructions, when executed on the processor, cause the further network device to: in response to at least a predefined number of network devices of a collection of network devi