question

bind87-5823 avatar image
0 Votes"
bind87-5823 asked AshokPeddakotla-MSFT edited

MQTT connect failed with unauthorized error

Hi,

I am facing issue with MQTT connect from my device to IoT Hub.
Have taken the primary connection string after device creation on Azure portal and provided the same to my application and trying to perform MQTT connection.
Receiving MQTT connack with failure value '5' (Unauthorized error).

I suspected that the sas token generated prior to MQTT connect could be the problem so also tried with sas token generated from Azure cli by following "Generate a device SAS token using the iothubowner policy to access the {iothub_name} device registry." and removed the device key from connection string and provided the signature. But observe the same error.

Could you please provide some pointers on what could be the issue.

Thanks

azure-iot-hub
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@bind87-5823
Just checking in to see if the below answer(s) helped.
If an answer is helpful, please "Accept answer" or "Up-Vote" for the same which might be beneficial to other community members reading this thread.

0 Votes 0 ·
SandervandeVelde42 avatar image
0 Votes"
SandervandeVelde42 answered AshokPeddakotla-MSFT converted comment to answer

Hello @bind87-5823 ,

the connection string of an Azure IoT Hub device looks like:

 HostName=edgedemo-ih.azure-devices.net;DeviceId=mslearndevice;SharedAccessKey=o[removed a big part]g=

The connection string of the IoT Hub owner shared access policy looks like this:

 HostName=edgedemo-ih.azure-devices.net;SharedAccessKeyName=iothubowner;SharedAccessKey=Y[removed a big part]4=

You can find that connection string here:

70291-image.png

Note: the iot hub owner key gives full access to your (internet connected) IoTHub. Normally, do not expose it out Azure (only use it within other services running in the cloud).



image.png (83.0 KiB)
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @SandervandeVelde42

Thanks for the response.
Tried with the IoT hub connection string mentioned in Shared access policies
" HostName=<myhub>.azure-devices.net;SharedAccessKeyName=iothubowner;SharedAccessKey=<...>=;DeviceId=<my device-id>, but still encountering the same error for Mqtt connect.

0 Votes 0 ·
AshokPeddakotla-MSFT avatar image
0 Votes"
AshokPeddakotla-MSFT answered

@bind87-5823 If your device uses MQTT protocol, verify that port 8883 is open. For more details, see Connecting to IoT Hub (MQTT). The MQTT port (8883) is blocked in many corporate and educational networking environments. If you can't open port 8883 in your firewall, we recommend using MQTT over Web Sockets. MQTT over Web Sockets communicates over port 443, which is almost always open in networking environments. To learn how to specify the MQTT and MQTT over Web Sockets protocols when using the Azure IoT SDKs, see Using the device SDKs.

Also, I would suggest you check this troubleshooting guide for common errors and resolutions and let us know if that solves your issue.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.