Share via

Using X.509 certificates to authenticate devices to IoT hub

Arun Kumar 40 Reputation points
2024-05-06T11:54:38+00:00

Hello ,

I am using X.509 certificates to authenticate devices to IoT hub using a MQTT client as shown in the code snippet below:

TrustRootCER = "./DigiCertGlobalRootG2.crt"

deviceCert = "./18B8C0FC73A9F382CE48FDAAB5A46E14.pem"

deviceCertKey = "./device1.key"

client.tls_set(ca_certs=TrustRootCER, certfile=deviceCert, keyfile=deviceCertKey, cert_reqs=ssl.CERT_REQUIRED, tls_version=ssl.PROTOCOL_TLSv1_2, ciphers=None)

The client fails to connect with error below:

 context.load_verify_locations(ca_certs)

ssl.SSLError: [X509: NO_CERTIFICATE_OR_CRL_FOUND] no certificate or crl found (_ssl.c:4154)

Could you let me know if I am using the right certificate DigiCert Global Root G2 or if I am missing anything over here.

Thanks

Azure IoT Hub
Azure IoT Hub
An Azure service that enables bidirectional communication between internet of things (IoT) devices and applications.
1,137 questions
0 comments
Accepted answer
  1. Sander van de Velde 29,856 Reputation points MVP
    2024-05-06T18:43:35.0033333+00:00

    Hello @Arun Kumar,

    welcome to this moderated Azure community forum.

    The Azure IoT Hub uses a Digicert certificate to encrypt the transport of data (TLS).

    You can which certificate is used using:

    openssl s_client -connect [your iot hub].azure-devices.net:8883

    For example, I check my personal IoT Hub:

    User's image

    As you can see, the Digicert G2 is used.

    You can find the public cert file here. Please verify you have a legit certificate (don't just copy them directly from the internet :-) ).

    If the response helped, do "Accept Answer". If it doesn't work, please let us know the progress. All community members with similar issues will benefit by doing so. Your contribution is highly appreciated.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest