I am trying to setup Azure IoT Edge as transparent gateway to which I want to connect directly via MQTT (without any IoT SDKs).
###---Short Version---###
I want to connect directly to IoT Edge via MQTT like this to IoT Hub.
What is the host, username and password for connection via symmetric keys to connect to the IoT Edge Gateway?
###---Long Version---###
I started with provisioning the Device to Azure IoT Central and was able to connect there directly. I used a .NET sample to provision the devices on Azure IoT Central and get the Iot-Hub name. Then I created the SAS Token to connect directly with a MQTT client to Azure IoT Central (assigned IoT-Hub)
I used the following credentials:
"ClientID": "plc2"
"Host": "mqtts://iotc-x-x-x-x-x.azure-devices.net"
"Port": "8883"
"Username": "iotc-x-x-x-x-x.azure-devices.net/plc2/?api-version=2021-04-12"
"Password": "SharedAccessSignature sr=iotc-x-x-x-x-x.azure-devices.net%2Fdevices%2Fplc2&sig=P......D&se=1652037456"
I created the SAS Token following this documentation for MQTT direct device connection: SAS Token structure
As ressourceUri for creating SAS Token I used the following: "iotc-x-x-x-x-x.azure-devices.net.azure-devices.net/devices/plc2"
For testing I used MQTTX windows client with the Azure Baltimore Root CA Certificate and the credentials explained and everything was fine.
Now I want the communication to run via the Azure IoT Edge as transparent gateway. I followed following documentation from Microsoft:
"config.toml"
-> Set the hostname to: iotedge-prod1
"192.168.0.100 iotedge-prod1"
What does the MQTT connection data to the Edge device look like?
The structure with Edge Hub I have not yet understood I think. I tried many combinations of credentials but I didn't get it
"ClientID": "plc2"
--> Should be ok
"Host": "mqtts://iotedge-prod1"
--> In my opinion the IP-Adress is important right?
"Port": "8883"
--> Same like before for TLS
"Username": "iotedge-prod1.iotc-x-x-x-x-x.azure-devices.net/plc2/?api-version=2021-04-12"
or just "iotedge-prod1/plc2/?api-version=2021-04-12"
--> What must the username be like?
"Password": "SharedAccessSignature sr=iotc...."
--> Same thing for the password. Which information is necessary in the SAS Token? Is the ressourceUri for creation: "iotedge-prod1.myHub.azure-devices.net/devices/plc2"
or just "iotedge-prod1/devices/plc2"
or anything different?
I hope I could explain halfway understandable what my problem is.
Additional information:
Edge-config_toml.jpg
Edge-IoTCentral.jpg
Edge-Manifest (MS Docs)
The username and password in case of direct connection to IoT Central or via IoT Edge as transparent gateway will be the same. This is because IoT Edge will pass through the token to IoTHub for attestation.
Only change required will be the Host, which should be mqtts://hostname or ip
Ensure in MQTTX client the Certificate is selected as Self signed and provide path of the Test Root CA, no need for client cert and key. The parent of the device also needs to be correctly set in IoT Central.
e.g. the deviceId here is mqttclient and iotedge gateway is raspi###
Check edgeHub log to see if you are getting connection attempt with "iotedge logs -f edgeHub' from MQTTX client