I am using the B-L475E-IOT01A Discovery kit with tutorial, "Tutorial: Use Eclipse ThreadX to connect an STMicroelectronics B-L475E-IOT01A Discovery kit to IoT Hub".
A few months ago when I first tried to connect to the IOT Hub, which was running TLSv1.0, worked fine.
Now Azure is forcing devices to use TLSv1.2 with a strong cipher suite such as
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
per https://learn.microsoft.com/en-us/azure/iot-hub/iot-hub-tls-support.
I enabled the following:
NX_SECURE_TLS_TLS_1_2_ENABLED, NX_SECURE_ENABLE_AEAD_CIPHER and NX_SECURE_INCLUDE_USER_DEFINE_FILE.
The required ciphers were not included in the _nx_azure_iot_tls_supported_crypto[] list in azure_iot_ciphersuites.c but were included in the unused supported_crypto[] from nx_crypto_generic_ciphersuites.c.
Questions:
- What is the approach to including TLSv1.2 with strong cipher suites? I seem to have to find various snippets of code in random files and add them to other files.
- Is anyone able to communicate with Azure IOT Hub using TLSv1.2?
