Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://learn.microsoft.com/en-us/azure/event-grid/mqtt-certificate-chain-client-authentication below:

Azure Event Grid Namespace MQTT client authentication using certificate chain - Azure Event Grid

Use CA certificate chain in Azure Event Grid to authenticate clients while connecting to the service.

In this guide, you perform the following tasks:

1. Upload a CA certificate, the immediate parent certificate of the client certificate, to the namespace.
2. Configure client authentication settings.
3. Connect a client using the client certificate signed by the previously uploaded CA certificate.

• You need an Event Grid Namespace already created.
• You need a CA certificate chain: Client certificates and the parent certificate (typically an intermediate certificate) that was used to sign the client certificates.

If you don't already have a certificate, you can create a sample certificate using the step CLI. Consider installing manually for Windows.

1. Once you installed Step, in Windows PowerShell, run the command to create root and intermediate certificates.

.\step ca init --deployment-type standalone --name MqttAppSamplesCA --dns localhost --address 127.0.0.1:443 --provisioner MqttAppSamplesCAProvisioner

1. Using the CA files generated to create certificate for the client.

.\step certificate create client1-authnID client1-authnID.pem client1-authnID.key --ca .step/certs/intermediate_ca.crt --ca-key .step/secrets/intermediate_ca_key --no-password --insecure --not-after 2400h

1. To view the thumbprint, run the Step command.

step certificate fingerprint client1-authn-ID.pem

1. In Azure portal, navigate to your Event Grid namespace.
2. Under the MQTT broker section in left rail, navigate to CA certificates menu.
3. Select + Certificate to launch the Upload certificate page.
4. Add certificate name and browse to find the intermediate certificate (.step/certs/intermediate_ca.crt) and select Upload. You can upload a file of .pem, .cer, or .crt type.

Note

• CA certificate name can be 3-50 characters long.
• CA certificate name can include alphanumeric, hyphen(-) and, no spaces.
• The name needs to be unique per namespace.

1. Navigate to the Clients page.
2. Select + Client to add a new client. If you want to update an existing client, you can select the client name and open the Update client page.
3. In the Create client page, add the client name, client authentication name, and the client certificate authentication validation scheme. Typically the client authentication name would be in the subject name field for the client certificate.

1. Select Create button to create the client.

{
    "properties": {
        "description": "CA certificate description",
        "encodedCertificate": "-----BEGIN CERTIFICATE-----`Base64 encoded Certificate`-----END CERTIFICATE-----"
    }
}

Use the following commands to upload/show/delete a certificate authority (CA) certificate to the service

Upload certificate authority root or intermediate certificate

az eventgrid namespace ca-certificate create -g myRG --namespace-name myNS -n myCertName --certificate @./resources/ca-cert.json

Show certificate information

az eventgrid namespace ca-certificate show -g myRG --namespace-name myNS -n myCertName

Delete certificate

az eventgrid namespace ca-certificate delete -g myRG --namespace-name myNS -n myCertName

• Publish and subscribe to MQTT message using Event Grid

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4