Share via


az iot ops connector opcua trust

Note

This reference is part of the azure-iot-ops extension for the Azure CLI (version 2.53.0 or higher). The extension will automatically install the first time you run an az iot ops connector opcua trust command. Learn more about extensions.

Command group 'iot ops' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Manage trusted certificates for the OPC UA Broker.

The trusted certificate list contains the certificates of all the OPC UA servers that the connector for OPC UA trusts. If the connector for OPC UA trusts a certificate authority, it automatically trusts any server that has a valid application instance certificate signed by the certificate authority. For more info, see https://aka.ms/opcua-certificates.

Commands

Name Description Type Status
az iot ops connector opcua trust add

Add a trusted certificate to the OPC UA Broker's trusted certificate list.

Extension Preview

az iot ops connector opcua trust add

Preview

Command group 'iot ops' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Add a trusted certificate to the OPC UA Broker's trusted certificate list.

The certificate file extension must be .der or .crt. Azure resource secretproviderclass 'opc-ua-connector' and secretsync 'aio-opc-ua-broker-trust-list' will be created if not found.

az iot ops connector opcua trust add --certificate-file
                                     --instance
                                     --resource-group
                                     [--secret]

Examples

Add a trusted certificate to the OPC UA Broker's trusted certificate list.

az iot ops connector opcua trust add --instance instance --resource-group instanceresourcegroup --certificate-file "certificate.der"

Add a trusted certificate to the OPC UA Broker's trusted certificate list with custom secret name.

az iot ops connector opcua trust add --instance instance --resource-group instanceresourcegroup --certificate-file "certificate.crt" --secret custom-secret-name

Required Parameters

--certificate-file --cf

Path to the certificate file in .der or .crt format.

--instance -i

IoT Operations instance name.

--resource-group -g

Instance resource group.

Optional Parameters

--secret -s

Secret name in the Key Vault. If not provided, the certificate file name will be used to generate the secret name.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.