Communication between AWS IoT Core: Message Broker and Hardware

Suk Hwang
3 min read · Sep 3, 2021

Questions to understand the big picture!

1. `.cfg` file?

Configuration file. Generic preference file that stores settings and configuration information.

2. MQTT (Message Queuing Telemetry Transport) Protocol?

Standard messaging protocol for IoT. It is designed as an extremely lightweight publish/subscribe messaging transport that is ideal for connecting remote devices with a small code footprint and minimal network bandwidth.

  • Lightweight and Efficient: MQTT clients are very small and require minimal resources, so they can be used on small microcontrollers.
  • Bi-directional Communication: MQTT allows for messaging from device to cloud and from cloud to device. This makes it easy to broadcast messages to groups of things.
  • Scale to Millions of Things: MQTT can scale to connect with millions of IoT devices.
  • Reliable Message Delivery: Reliability of message delivery is important for many IoT use cases. This is why MQTT has 3 defined quality of service levels: 0, 1 and 2.
  • Support for Unreliable Networks: Many IoT devices connect over unreliable cellular networks. MQTT’s support for persistent sessions reduces the time to reconnect the client with the broker.
  • Security Enabled: MQTT makes it easy to encrypt messages using TLS and authenticate clients using modern authentication protocols, such as OAuth.

3. SSL (Secure Sockets Layer)?

SSL and its successor, TLS (Transport Layer Security), are protocols for establishing authenticated and encrypted links between networked computers.

4. Protocol

A set of rules for communication.

5. AWS IoT?

AWS IoT provides the cloud services that connect your IoT devices to other devices and AWS cloud services. AWS IoT provides device software that can help you integrate your IoT devices into AWS IoT based solutions. If your devices can connect to AWS IoT, AWS IoT can connect them to the cloud services that AWS provides.

The AWS IoT Core message broker supports devices and clients that use MQTT and MQTT over WSS protocols to publish and subscribe to messages. The HTTPS protocol is also available for publishing messages.

6. Certificate Rotation?

Certificate Rotation (the replacement of existing certificates with new ones) is needed when:

  • Any certificate is expired
  • A new certificate authority (CA) is substituted for the old one, thus requiring a replacement root certificate for the cluster
  • New or modified constraints need to be imposed on one or more certificates
  • A security breach has occurred, such that existing certificates can no longer be trusted

* Expiration can be a year or more, but we swap every month to limit data exfiltration if a certificate was compromised and an attacker is passively listening to data.
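
The rotation triggers listed above, applied to a small certificate inventory, as an added example that is not part of the original post. The inventory, field names, CA identifiers and the fixed clock are constructed for illustration; the 30-day limit is the monthly swap from the note above.

```python
from datetime import datetime, timedelta, timezone

MAX_AGE = timedelta(days=30)                      # the monthly swap from the note above
NOW = datetime(2021, 9, 3, tzinfo=timezone.utc)   # fixed clock so results are reproducible
TRUSTED_CAS = {"ca-2021"}                         # constructed: "ca-2020" has been replaced

def cert(device, ca, issued, expires, compromised=False, constraints_changed=False):
    """Build one inventory record (hypothetical fields, not an AWS API response)."""
    day = lambda s: datetime.strptime(s, "%Y-%m-%d").replace(tzinfo=timezone.utc)
    return {"device": device, "ca": ca, "issued": day(issued), "expires": day(expires),
            "compromised": compromised, "constraints_changed": constraints_changed}

# Constructed sample inventory.
INVENTORY = [
    cert("sensor-01", "ca-2021", "2021-08-20", "2022-08-20"),
    cert("sensor-02", "ca-2021", "2021-07-01", "2022-07-01"),
    cert("gateway-01", "ca-2020", "2020-08-01", "2021-08-01"),
    cert("sensor-03", "ca-2021", "2021-08-25", "2022-08-25", compromised=True),
]

def rotation_reasons(c, now=NOW, trusted_cas=TRUSTED_CAS, max_age=MAX_AGE):
    """Return every rotation trigger that applies to one certificate record."""
    reasons = []
    if c["compromised"]:
        reasons.append("compromised")
    if now >= c["expires"]:
        reasons.append("expired")
    if c["ca"] not in trusted_cas:
        reasons.append("ca-replaced")
    if c["constraints_changed"]:
        reasons.append("constraints-changed")
    if now - c["issued"] > max_age:
        reasons.append("older-than-policy")
    return reasons

def rotation_plan(inventory, now=NOW):
    """List (device, reasons) for certificates to rotate, most urgent first."""
    due = [(c["device"], rotation_reasons(c, now)) for c in inventory]
    due = [(device, reasons) for device, reasons in due if reasons]
    urgency = lambda item: 0 if "compromised" in item[1] else 1 if "expired" in item[1] else 2
    return sorted(due, key=urgency)   # stable sort keeps inventory order within a rank

def exposure_window(c, max_age=MAX_AGE):
    """(window under the rotation policy, window if the cert lived to expiry)."""
    validity = c["expires"] - c["issued"]
    return min(max_age, validity), validity

if __name__ == "__main__":
    for device, reasons in rotation_plan(INVENTORY):
        print(device, reasons)
    print(exposure_window(INVENTORY[0]))
```

Rotation shortens the exposure window only if the old certificate is deactivated or revoked once the new one is in place.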

7. What is a TLS/SSL certificate?

An SSL certificate is a digital certificate that authenticates a website’s identity and enables an encrypted connection. It uses encryption algorithms to scramble data in transit, which prevents hackers from reading it as it is sent over the connection. This data includes potentially sensitive information such as names, addresses, credit card numbers, or other financial details.

Check out here for more.
