How can I test the new DigiCert with my device that uses x509 self signed certificates?

Haris Papageorge 251 Reputation points
2022-05-25T12:41:09.613+00:00

Hi,

Because of the update that is about to take place (2393169) I am conducting some tests. However, the instructions that are given for validation of this new root cert only mention a SharedAccessKey. How should I validate the procedure with my device that uses x509 self signed certificates?

thanks

Azure IoT Hub
Azure IoT Hub
An Azure service that enables bidirectional communication between internet of things (IoT) devices and applications.
1,274 questions
{count} votes

Accepted answer
  1. Sander van de Velde | MVP 36,766 Reputation points MVP Volunteer Moderator
    2022-05-25T14:59:45.247+00:00

    Hello @Haris Papageorge ,

    Microsoft is switching over to the 'DigiCert Global G2 root' certificate for TLS traffic.

    This means that your IoT devices must include 'the DigiCert Global G2 root cert by February 15, 2023'.

    It seems you use x509 self-signed certificates to identify your devices. Your self-signed certificate is just an Identity, it is not used for encrypting the TLS traffic towards IoT Hub and/or DPS.

    It's all about testing the TLS connection using that root certificate. That is why the symmetric key (SharedAccessKey) test is offered.

    See also the comments below the announcement text.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.