IoT Hub and IoT Hub Device Provisioning Service are updating their TLS certificates with a new Microsoft certification authority chained under a new certification authority root - DigiCert Global Root G2. You

Question

Hello; in my central iot application I don’t see the sensor data displayed in my dashboard, maybe the following error message is the cause: IoT Hub and the IoT Hub Device Provisioning Service update their TLS certificates with a new Microsoft Certification Authority chained under a new Certification Authority root – DigiCert Global G2 Root. You need to take action...

Answer 1

Hello @ESSOUABNI MOHAMMED , Azure services are secured using TLS encryption of messages exchanged. In the past, the 'Baltimore' certificate was used but Microsoft already started to move over to this Digicert TLS certificate a couple of years ago. IoT-related services are the last ones to migrate (because it takes some time to 'touch' all devices if needed). Keep in mind, this certificate is to secure the communication channel, it's not related to device identities or security keys. To connect to the IoT Hub, the device needs to connect using a public root certificate. Once the IoT Hub is switched over to the Digicert certificate, you need to have the Digitcert public root certificate on the device. For devices like PCs, laptops, etc. this certificate is probably already there. Check out this blog post regarding the background and examples of how to test this. If your device does not have the new Digicert certificate installed yet while the IoT Hub demands it, the TLS connection is not correctly set up and the device communication will not take place. If the response helped, do "Accept Answer". If it doesn't work, please let us know the progress. All community members with similar issues will benefit by doing so. Your contribution is highly appreciated.