connect securely to IoT Edge devices - iot

I want to secure the connection between the devices and the IoT Edge device. For example, my app running on the iPad accesses the IoT Edge device at http://: but I want to access it over https. I am new to IoT. How can I achieve it?

You could run a proxy module like outlined here: https://github.com/Azure/iotedge/tree/master/edge-modules/edgehub-proxy

Related

Access device connection string in IoT Edge module via Device Provisioning Services

We're moving our Azure IoT Edge devices from manual provisioning to DPS with symmetric key. One of the modules deployed to our devices needs to manage the Device Twin - we have been using this for state properties that persist across updates to modules. To connect to the device twin, I've been creating a DeviceClient from connection string which is loaded as an environment variable on a per device basis. This is using the C SDK.
Now I want to request the device credentials during provisioning so that the symmetric key is the only secret pre installed on the device.
A number of posts suggest that this isn't possible with best practices, most succinctly:
Access IoT Edge Device Twin from Edge Module when using X.509 Authentication
Is this still the case? If so, what is the intended use for the device twin on IoT Edge, if user modules aren't supposed to access it in a production setting?
A number of posts suggest that this isn't possible with best practices, most succinctly: Access IoT Edge Device Twin from Edge Module when using X.509 Authentication. Is this still the case?
This is still the case. Modules accessing device twin information is not supported or recommended. There are other ways to achieve what is desired - like one you described in your comment.
what is the intended use for the device twin on IoT Edge, if user modules aren't supposed to access it in a production setting?
The use case for device twins in IoT Edge is ADM deployments.
You create a deployment manifest and then define which devices it applies to based on tags in the device twin.
Ref: Understand IoT Edge automatic deployments for single devices or at scale

Is it possible to provision leaf device through iot edge device?

I have implemented the Azure IoT Edge transparent gateway use case and was able to register/provision my leaf device through DPS (x509).
But I want to register my leaf device on IoT Hub through IoT Edge, as my leaf devices don't have any Internet connection and thus can't access the IoT Hub interface.
Or I'm open to other solutions for my use case.
Right now IoT Edge does not support proxying DPS requests. You would need to provision your device "manually".

How can I connect a real device only accepting MQTT / TCP connection to azure IoT hub?

Context:
I have a real device that only uses MQTT and only accepts a TCP connection (The only things I can modify in the real device are the cloud address, cloud ID (username), cloud password, machine cloud ID and cloud port).
Question:
How can I connect this device to the azure IoT hub?
Can I use azure IoT edge runtime w/ transparent gateway?
In case you want to try connectivity with IoT Hub and it is not feasible to use the device SDK on your device, you can try using the MQTT protocol directly (as a device); the device can still connect to the public device endpoints using the MQTT protocol on port 8883.
However, to use the MQTT protocol directly, the device must connect over TLS/SSL. Since your device has constraints in using TLS/SSL or installing a certificate, the best option is to use a gateway.
In a typical IoT system, gateways are used to overcome the limitations of device capabilities. You may need to decide the suitable deployment type based on these three patterns of using IoT Edge device as a gateway as per your device capabilities and requirement in hand.
There is a scenario where you don't have to use the device SDK and connect your MQTT device directly to the IoT Hub. It is documented here. Azure IoT Hub is not a full-featured MQTT broker though, so results may vary. As per your suggestion, yes you can use a transparent gateway for this if you don't want your device to connect directly to the IoT Hub. But it's not a prerequisite.
In the case that your device needs more MQTT features than IoT Hub (or Edge for that matter) can offer, you can also consider creating an Edge module with an MQTT broker inside.
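The direct-MQTT option mentioned in the answers above maps onto the five settings the device exposes. The following is an added example, not part of the original answers: it builds those values for a device that authenticates with a symmetric key, using the SAS token format IoT Hub documents. The hub name, device ID, key and the `API_VERSION` value are assumptions or constructed samples.

```python
import base64
import hashlib
import hmac
from urllib.parse import parse_qs, quote_plus, urlencode

API_VERSION = "2021-04-12"  # assumption: use the version your hub's docs list
PREFIX = "SharedAccessSignature "

def _sign(resource, expiry, key_b64):
    # HMAC-SHA256 over "<url-encoded resource>\n<expiry>" with the decoded device key
    msg = f"{quote_plus(resource)}\n{expiry}".encode()
    mac = hmac.new(base64.b64decode(key_b64), msg, hashlib.sha256).digest()
    return base64.b64encode(mac).decode()

def device_sas_token(hub_host, device_id, key_b64, expiry):
    resource = f"{hub_host}/devices/{device_id}"
    sig = _sign(resource, expiry, key_b64)
    return PREFIX + urlencode({"sr": resource, "sig": sig, "se": str(expiry)})

def mqtt_connect_fields(hub_host, device_id, key_b64, expiry):
    """Values for the device's address / port / client ID / username / password."""
    return {
        "host": hub_host,
        "port": 8883,  # MQTT over TLS; the password below must never travel in clear
        "client_id": device_id,
        "username": f"{hub_host}/{device_id}/?api-version={API_VERSION}",
        "password": device_sas_token(hub_host, device_id, key_b64, expiry),
    }

def token_is_valid(token, key_b64, now):
    """Local check: well-formed, unexpired, and signed with this key."""
    if not token.startswith(PREFIX):
        return False
    q = parse_qs(token[len(PREFIX):])
    try:
        resource, sig, expiry = q["sr"][0], q["sig"][0], int(q["se"][0])
    except (KeyError, ValueError):
        return False
    return expiry > now and hmac.compare_digest(sig, _sign(resource, expiry, key_b64))

if __name__ == "__main__":
    # Constructed sample values, not real credentials
    key = base64.b64encode(b"constructed-demo-key").decode()
    fields = mqtt_connect_fields("example-hub.azure-devices.net", "dev01", key, 1700003600)
    for name, value in fields.items():
        print(f"{name}: {value}")
```

Because the token carries an expiry (`se`), a device with a fixed password field has to be reconfigured before that time. A device that cannot do TLS should sit behind a gateway rather than send this password over plain TCP.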

iOS - How to send message from hotspot (iPhone) to connected client (IoT device)

I've searched Google and only found the MultipeerConnectivity framework in iOS, but I don't know how I could make it work for my specific case.
The flow of what I want to do is like this:
Enable personal hotspot in iOS
Connect to hotspot from a Raspberry Pi
Once client is connected, send a message string from the iOS app.
Assuming that the Raspberry Pi connection is already sorted out (We're using a static SSID and Password for the hotspot)
The questions that come up are:
Which framework should I use (assuming there is one already)?
Do I need to explicitly advertise the iOS device from the app?
How do I get notified when the raspberry connects to the phone?
How do I send a message to the connected client?
Although I never developed anything for Pi, I developed net service browsing for iOS devices, so can give an answer.
When you connect to an iPhone hotspot, it's a usual WiFi connection, so here you can use the Bonjour protocol (mDNS) for the devices to discover one another.
Run Avahi mDNS service on Pi, and discover it on iPhone.
Here is how to run Avahi on Pi.
Here is how to discover mDNS net service on iPhone.
After net service is discovered with NSNetServiceBrowser, you'll have IP address and port of your Pi available on your iPhone, so you can connect to it.
If you are trying to set up an IoT system, it may be useful to look into various cloud offerings to facilitate messaging between devices. Personally I have used AWS IoT Core services in the past, and it is relatively easy to set up messaging between devices.
I am not sure what your exact use case is for this setup, but using a cloud-based service to set up messaging between devices will remove the requirement to connect directly between devices via hotspot (the Pi still needs some internet connection), and could make it easier to enable multiple devices and app clients in the system.

How to implement IoT in serial communication devices

I want to enable IoT in the devices (inverters) which currently support only serial communication. Through the serial port I'm able to view statistics of the device, configure the device and do firmware updates. I want to do all these remotely by enabling IoT. I have just gone through Azure IoT hub, iBOT etc.
How will I enable communication between my serial port with IoT hub?
Is there any supporting device for that?
You can use another device as a gateway; this device is networkable and has a serial port. Azure IoT Edge lets you build IoT solutions tailored to your exact scenario. You can refer to the document and get started.
In addition, here is a tutorial to implement a device firmware update process. This tutorial shows how you can start and monitor the firmware update process remotely through a back-end application connected to your hub.
