Esp32 AT Commands Azure IoT Hub.

[sl2121]

Hi i have a question regarding Azure Iot Hub connection. Following : https://blog.csdn.net/espressif/article/details/105045610, i connected to the hub. Using the SAS token created from symmetric key. But without sending any CA certificate!!! to myIoThub.azure-devices.net.

I also enstablished a single TLS connection to the hub also without the certificate.

In Microsoft Documentation TLS/SSL configuration : To use the MQTT protocol directly, clients must connect via TLS/SSL. Attempts to skip this step fail with a connection error.

To establish a TLS connection, you may need to download and reference the DigiCert Baltimore root certificate. This certificate is used by Azure to secure the connection.

In all examples Python, C SDK for Azure, Arduino, the first thing to do is to give the CA certificate.

Why ESP32 AT doesn't need to verify any CA certificate?

Thanks.

[ustccw]

@sl2121 For a common TLS connection, certificate should be an optional item, not a required item. More details are in RFC 5246, search Message flow for a full handshake.

so as for ESP32-AT, MQTT can be established without certificate verify, that should make sense. Of course, you can specify the certificate verification mode by <scheme> parameter, which defined in AT+MQTTUSERCFG command.

Please let me know if anything unclear.