I'm trying to publish some data on the Azure IoT hub using Mqtt. I've succesfully published some data, using a SAS token.
But my customer wants a x509 self generated & self signed certificate. Azure is supporting this, but doesn't give much information about it. (https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-devguide-security#supported-x509-certificates)
A self-generated and self-signed X-509 certificate. A device manufacturer or in-house deployer can generate these certificates and store the corresponding private key (and certificate) on the device. You can use tools such as OpenSSL and Windows SelfSignedCertificate utility for this purpose.
Note IoT Hub does not require or store the entire X.509 certificate, only the thumbprint.
What I've done is created a CA certificate and key.
$openssl req -newkey rsa:2048 -x509 -nodes -sha256 -days 365 -extensions v3_ca -keyout ca.key -out ca.crt
Created a client key and signing request
$openssl genrsa -out client.key 2048
$openssl req -new -sha256 -out client.csr -key client.key
Signed the request and created the certificate
$openssl x509 -req -sha256 -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -CAserial ca.srl -out client.crt -days 365
I've uploaded the client key and certificate to the modem. And inserted the thumbprint of the client certificate.
My modem can succesfully connect to myhub.azure-devices.net/deviceId (port 8883) But when new data arrives it can't decode it.
Any help will be much appreciated..!!