Edge Module Authentication
Hi Folks, I've made my first IoT Edge Module (container), its just based off: FROM ubuntu:oracular For now, but it seems to start up and run correctly. I've pushed the container into ACR and added it to my manifest which pushed it down to my edge gateway and its up and running. So far so good. Now, I want my application in that container to publish events to the edgeHub, and subscribe to properties set in IoT Central. I followed some of the guides, but have had no luck. Firstly - not much love for a rust application, but aside from that, I've resorted to jumping into the container and trying to use the mosquitto clients likes so: $ docker exec -ti <module_id> bash # mosquitto_sub -d \ -V mqttv311 \ -h edgeHub \ -p 8883 \ -i "${IOTEDGE_DEVICEID}/${IOTEDGE_MODULEID}" \ -u "${IOTEDGE_IOTHUBHOSTNAME}/${IOTEDGE_DEVICEID}/${IOTEDGE_MODULEID}/?api-version=2018-06-30" \ -P "${SAS_TOKEN}" \ -t "devices/${IOTEDGE_DEVICEID}/modules/${IOTEDGE_MODULEID}/messages/events" \ --cafile /etc/ssl/certs/IoTHubRootCA.pem \ -q 1 Client <device_id>/<module_id> sending CONNECT OpenSSL Error[0]: error:0A000086:SSL routines::certificate verify failed Error: Protocol error I just cant get it to validate the certs in the edgeHub. If I look at the edgeHub container it shows: $ docker logs -f edgeHub <4> 2025-06-30 06:52:23.276 +00:00 [WRN] - "TLS handshake failed., System.AggregateException: One or more errors occurred. (Authentication failed, see inner exception.)\n ---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.\n ---> Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL.\n ---> Interop+Crypto+OpenSslCryptographicException: error:0A000418:SSL routines::tlsv1 alert unknown ca\n --- End of inner exception stack trace ---\n at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, ReadOnlySpan`1 input, Byte[]& sendBuf, Int32& sendCount)\n at System.Net.Security.SslStreamPal.HandshakeInternal(SafeDeleteSslContext& context, ReadOnlySpan`1 inputBuffer, Byte[]& outputBuffer, SslAuthenticationOptions sslAuthenticationOptions)\n --- End of inner exception stack trace ---\n at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](Boolean receiveFirst, Byte[] reAuthenticationData, CancellationToken cancellationToken)\n --- End of inner exception stack trace ---, 0af563ac" That error suggests the edgeHub does not like the CA in my module ? I'm looking for any references to get the right CA's setup so that my translation app can publish events to the edgeHub container.
