TLS Azure IoT Edge Hub

Veilleux, Wayne 0 Reputation points
2024-03-08T14:47:55.7633333+00:00

Here is there orror message I have when I start the simulated-temperature-sensor:

2024-03-08 14:03:18 : Starting Module

SimulatedTemperatureSensor Main() started.

Initializing simulated temperature sensor to send 500 messages, at an interval of 5 seconds.

To change this, set the environment variable MessageCount to the number of messages that should be sent (set it to -1 to send unlimited messages).

[Information]: Trying to initialize module client using transport type [Amqp_Tcp_Only].

Unhandled exception. System.AggregateException: One or more errors occurred. (TLS authentication error.)

---> System.Security.Authentication.AuthenticationException: TLS authentication error.

---> System.Security.Authentication.AuthenticationException: The remote certificate was rejected by the provided RemoteCertificateValidationCallback.

Azure IoT Edge
Azure IoT Edge
An Azure service that is used to deploy cloud workloads to run on internet of things (IoT) edge devices via standard containers.
535 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Sander van de Velde 28,386 Reputation points MVP
    2024-03-08T18:39:16.0766667+00:00

    Hello @Veilleux, Wayne,

    welcome to this moderated Azure community forum.

    Azure IoT Edge makes use of several (sometimes optional) certificates.

    For example, a certificate could be used as the identity for the IoT Hub registration (opposite to eg. a symmetric key).

    Then there is the TLS certificate for securing the transport of the messages between Egde and IoT Hub. This is managed by the operating system.

    Last but not least, the communication between Azure IoT Edge modules (and potentially child devices) is also secured using a TLS certificate.

    When you create an Azure IoT Edge runtime for the first time, you get a temporary 90 days TLS certificate.

    When it expired, you need to restart the edge again for a new 90 days certificate.

    For production, it's better to replace this or fix the config.yaml for this (see also the side note in this blog post).

    Please perform a 'check' or look at the first log lines of the edgeAgent module te see if that certificate has expired.

    If the response helped, do "Accept Answer". If it doesn't work, please let us know the progress. All community members with similar issues will benefit by doing so. Your contribution is highly appreciated.

    0 comments