How to secure communication between IoT Devices and Azure IoT-Hub?

Question

My setup looks like this:

In my local envirenment I have an OPC server which reads data from local OPC devices and send them to my local little server which then sends the data to the IoT-Hub on Azure (and there I save the data to the cosmosDB).

The local little server which communicates to the IoT-Hub on Azure looks like this:

var connectionString = '[IoT Hub device connection string]';
// use factory function from AMQP-specific package
var clientFromConnectionString = require('azure-iot-device-amqp').clientFromConnectionString;

// AMQP-specific factory function returns Client object from core package
var client = clientFromConnectionString(connectionString);

// use Message object from core package
var Message = require('azure-iot-device').Message;

var connectCallback = function (err) {
  if (err) {
    console.error('Could not connect: ' + err);
  } else {
    console.log('Client connected');
    var msg = new Message('some data from my device');
    client.sendEvent(msg, function (err) {
      if (err) {
        console.log(err.toString());
      } else {
        console.log('Message sent');
      };
    });
  };
};


client.open(connectCallback);

How Can I make sure that this communication is secure?

Answer 1

IoT Hub requires all connection to be secured via TLS (see IoT Hub MQTT Support ) and it only uses the secure version 1.2 (see IoT Hub TLS deprecating 1.0 and 1.1).

This will secure your transport (by default).

In production environment I would use X509 certificates to also secure identity and integrity. To do so, please have a look at IoT Hub Security x509 Get Started to learn how to get and register certificates at IoT hub. And have a look at this Sample which shows how to use X509 certificate in node.js code to connect to IoT hub.