Gemalto is now part of the Thales Group, find out more.

You are here

Thales IoT Developer Community

Concept Board connection to Azure IoT Cloud with MQTT Protocol

Showcase, April 13, 2018 - 1:54pm, 16435 views



This showcase is a simple example showing how to establish secure connection with IoT Cloud in order to publish/subscribe messages via MQTT protocol.

In this case connection is being established with Azure IoT Cloud via MQTT protocol. To use the MQTT protocol directly, the client must connect over TLS/SSL. Attempts to skip this step fail with connection errors. In this showcase X.509 certificate authentication is used. Mutual authentication is required. It means, that while establishing a connection, client must prove its identity to a server, and the server must prove its identity to the client.

Application data will not be transferred over the client-to-server connection, until mutual authentication succeed.

While accessing Azure IoT Hub, Cinterion Concept Board is a Client, which should prove its identity using a self-signed X.509 Device Certificate.

Both Client's and Server's certificates need to be installed on Gemalto M2M module.

In order to communicate with IoT Cloud using MQTT Protocol, it is necessary to install a MIDlet serving MQTT protocol on the Cinterion Concept Board.

The showcase related to preparing MIDlet based on latest Paho project you may find here:

Please, remember to adjust the MIDlet to fulfill Azure IoT Cloud requirements for MQTT connection. Details you may find there:


PDF document attached includes the following:

- whole "step by step" instruction how to prepare a secure environment on the Gemalto M2M module

- short overview related to configuring Azure




-  Gemalto CTO Team 

-  Agata Wiewióra

Great Article, thanks Agata and team !


Do you plan to release the source code?



Please, take a look at:

There you will find Download File 




I was trying to follow the showcase, but couldn't find the file "ms.der" at the provided link:

Where I can find such file?



I've found the link which the certs was moved:

In the "certs.c" file, are three certs. Until now, the first one "DigiCert Baltimore Root" worked for me.

It's in the PEM format and ***** to convert into DER format.



Thanks a lot for the update!

Yes please, i need it too! Urgent!


Agata_Wiewiora's picture