Does the edgeHub module encrypt data received from the downstream devices? Also where in the container filesystem does edgehub store the data? I tried sudo docker exec -t -i edgeHubContainerID /bin/sh to look for that without much luck. (I understand that the message store just caches data temporarily in case connectivity to the iot hub is lost. We have the edge configured as a transparent gateway.)
Asked
Active
Viewed 136 times
1 Answers
0
EdgeHub doesn't encrypt data received from downstream devices. If encryption of data is needed it has to be done on the device prior to send it to Edge Hub.
That said, the connection between leaf device and edge Hub uses TLS + Authentication for security, if this is the concern.
To answer the second question. The message are stored using Rocks DB Database and it can be configured. Usually it is stored in a temp folder.
Here is an example of a location is stores: (Edge Hub prints the location of the db at the beginning of it's log): 2018-09-28 22:18:53.435 +00:00 [INF] [Microsoft.Azure.Devices.Edge.Hub.Service.Modules.RoutingModule] - Created persistent store at /tmp/edgeHub ==> For Linux.
Angelo Ribeiro
- 111
- 2
-
Hi Angelo, if I understand you correctly, edgeHub caches the data at rest in RockDb in plaintext ? – Rishabh Saha Oct 01 '18 at 11:36
-
Yes for messages. If the device/module send data in plain text, it will store in plain text. If it sends data encrypted, it will store encrypted. – Angelo Ribeiro Oct 02 '18 at 16:32