This is the second last post of the [series on IoT Communication](/blog/communication-for-iot-or-embedded-applications) which has gone on for slightly more than a month now. In this post, I endeavor to connect an IoT device to the Azure IoT Hub without using the provided IoT libraries.
In the previous post (post #6), we got mbedTLS working and it delivered content to us from a server using SSL/TLS. However, in the code, you should have noticed a line saying that in real life we should bail out when the certificate verification fails
In the previous post (post #5), we added mbedTLS to the project and agreed that we would follow the sample that comes with the mbedTLS pack. If you followed everything correctly you should see an output such as the one below. There are several additional steps but I discuss them below the dump.
SSL has since been succeeded and superseded by TLS and in the rest of this post, I do not use SSL but instead TLS. However, TLS was built on top of SSL and as such the two are used interchangeably.
As pointed out, I am not an expert in informational security so I have to use a built library (or set of APIs) for performing these security operations. But even using libraries or APIs is not an easy task. This is especially the case for security related ones. Even if they are documented, they tend to have a lot of elements in them that you may get lost in the abbreviations, acronyms, internet standards etc. The SSL/TLS libraries are no exception. The libraries get complicated because the need to support several features due to possible scenarios such as: