Do we need to open any specific port for Digicert verification from client side?

DEEPAK KUMPALA 191 Reputation points
2023-06-22T02:15:38.32+00:00

As per the article below, we have to update the certificate from Baltimore to DigiCert.

https://techcommunity.microsoft.com/t5/internet-of-things-blog/azure-iot-tls-critical-changes-are-almost-here-and-why-you/ba-p/2393169

We have many devices connected through factories and they have firewalls in place. Question is, do we need to open any specific port to support this new updated DigiCert Global G2 Root certificate?

Azure IoT Hub

1 answer

  1. AshokPeddakotla-MSFT 35,971 Reputation points Moderator
    2023-06-22T09:15:20.5333333+00:00

    DEEPAK KUMPALA Greetings!

    Question is, do we need to open any specific port to support this new updated DigiCert Global G2 Root certificate?

    DigiCert Global G2 Root certificate is already trusted by most modern operating systems and devices, so you should not need to open any specific ports to support it. However, if you have devices that are using older operating systems or devices that do not trust the new certificate, you may need to update the root certificate store on those devices to include the new DigiCert Global G2 Root certificate.

    As per the blog post, there is no mention of any specific port that needs to be opened to support the new updated DigiCert Global G2 Root certificate. The migration to the new certificate is focused on updating the root certificate on the devices that connect to Azure IoT Hub.

    If your devices are behind firewalls, you should ensure that they are able to connect to the Azure IoT Hub endpoints over the required ports. The Azure IoT Hub endpoints use the following ports:

    • AMQP: 5671
    • AMQP over WebSockets: 443
    • MQTT: 8883
    • MQTT over WebSockets: 443
    • HTTPS: 443

    You should ensure that your firewalls allow outbound traffic on these ports to the Azure IoT Hub endpoints. If you are using a custom endpoint, you should ensure that your firewall allows outbound traffic on the port used by your custom endpoint.

    Also, please check Migrate IoT Hub resources to a new TLS certificate root for migration steps and FAQs.

    Hope this helps. Please let us know if you have any additional questions or need further assistance. We would be glad to help you.


    If the response helped, please do click Accept Answer and Yes. Doing so would help other community members with similar issues identify the solution. I highly appreciate your contribution to the community.
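The answer above separates two failure causes: a firewall blocking the listed outbound ports, and a device trust store that lacks the new root. The following added example (not part of the original thread and not Microsoft's code) probes each listed port from a device and reports which of the two applies; the hostname `example-hub.azure-devices.net` is a placeholder, and the `connect` parameter is a hypothetical hook so the logic can be exercised without a network.

```python
import socket
import ssl

# Outbound ports listed in the answer above (443 covers HTTPS and both WebSockets options).
IOT_HUB_PORTS = {"AMQP": 5671, "MQTT": 8883, "HTTPS/WebSockets": 443}


def probe(host, port, context=None, timeout=5.0, connect=socket.create_connection):
    """Classify one endpoint as 'ok', 'blocked', 'untrusted' or 'tls-error'."""
    try:
        sock = connect((host, port), timeout=timeout)
    except OSError:
        # Refused, reset, timed out or DNS failure: a network or firewall problem.
        return "blocked"
    context = context or ssl.create_default_context()
    try:
        with sock, context.wrap_socket(sock, server_hostname=host):
            return "ok"  # chain validated against this device's trust store
    except ssl.SSLCertVerificationError:
        # TCP works but the presented chain is not trusted: update the root store.
        return "untrusted"
    except (ssl.SSLError, OSError):
        return "tls-error"


def check_hub(host, **kwargs):
    """Probe every listed port and return {label: status}."""
    return {label: probe(host, port, **kwargs) for label, port in IOT_HUB_PORTS.items()}


if __name__ == "__main__":
    # Placeholder hostname (assumption); substitute your own hub's hostname.
    for label, status in check_hub("example-hub.azure-devices.net").items():
        print(f"{label:18} {status}")
```

A `blocked` result points at the firewall rules for that port, while `untrusted` means the connection got through and the device's root certificate store needs the new root.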

