thin-edge.io icon indicating copy to clipboard operation
thin-edge.io copied to clipboard

Published 20 hours ago verified publisher icon thin-edge

Upgrade the Azure IoT certificate for CI/CD devices

Open PradeepKiruvale opened this issue 2 years ago • 2 comments

Describe the bug Azure is replacing the Baltimore cyber trust cert with the Digi cert root certificate. Once replaced the thin-edge device should connect to the Azure IoT without any issue.

To Reproduce Try connecting to the "Azure cloud" using tedge connect az

Expected behavior Should connect successfully and publish the measurements.

Screenshots

Environment (please complete the following information):

  • OS [incl. version]
  • Hardware [incl. revision]
  • System-Architecture [e.g. result of "uname -a"]
  • thin-edge.io version [e.g. 0.1.0]

Additional context More information can be found here

PradeepKiruvale avatar May 31 '22 07:05 PradeepKiruvale

I don't think we need something specific action rather than the doc change. https://thin-edge.github.io/thin-edge.io/html/tutorials/connect-azure.html#configure-the-device

sudo tedge config set az.root.cert.path /etc/ssl/certs/Baltimore_CyberTrust_Root.pem

And we can't do it right now, as they are going to apply it from February 2023.

rina23q avatar Jun 01 '22 15:06 rina23q

In addition, as of now, we just need to check all self-hosted runners have DigiCert_Global_Root_G2.pem certificate in /etc/ssl/certs.

rina23q avatar Jun 02 '22 08:06 rina23q