Document Details
How To Connect Devices X509
This page contains Windows bias
About This Page
This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
Bias Analysis
Detected Bias Types
windows_first
powershell_heavy
windows_tools
Summary
The documentation exhibits a Windows bias, particularly in the C# sections, where instructions for importing certificates explicitly reference Windows Explorer and the Windows Certificate Import Wizard. The prerequisite section also assumes the use of the Windows command prompt for Node.js commands, even though Node.js is cross-platform. Environment variable setting examples use 'set', which is Windows-specific, and there is no mention of Linux or macOS equivalents. Linux-specific instructions are only present for IoT Edge scenarios, not for the main device connection workflows.
Recommendations
- Provide explicit instructions for Linux and macOS users alongside Windows instructions, especially for certificate import and environment variable setup.
- Use cross-platform command syntax (e.g., 'export' for Unix shells, 'set' for Windows) or provide both variants in code blocks.
- When referencing tools like the Windows Certificate Import Wizard, also mention and provide steps for Linux/macOS alternatives (e.g., using OpenSSL or keychain utilities).
- In prerequisite and code sample sections, avoid language that assumes Windows as the default (e.g., 'the instructions in this tutorial assume you're running the node command at the Windows command prompt'). Instead, clarify that the steps are cross-platform and specify differences where necessary.
- For C#/.NET, provide guidance for handling certificates on Linux (e.g., using PEM files directly or importing into the .NET Core certificate store).
Create Pull Request
Scan History
| Date | Scan | Status | Result |
|---|---|---|---|
| 2026-01-14 00:00 | #250 | in_progress |
 Clean
|
| 2026-01-13 00:00 | #246 | completed |
Clean
|
| 2026-01-11 00:00 | #240 | completed |
Clean
|
| 2026-01-10 00:00 | #237 | completed |
Clean
|
| 2026-01-09 00:34 | #234 | completed |
Clean
|
| 2026-01-08 00:53 | #231 | completed |
Clean
|
| 2026-01-06 18:15 | #225 | cancelled |
Clean
|
| 2025-08-17 00:01 | #83 | cancelled |
Clean
|
| 2025-07-13 21:37 | #48 | completed |
Biased
|
| 2025-07-12 23:44 | #41 | cancelled |
Clean
|
Flagged Code Snippets
1. Select **Verify** to upload the signed verification certificate _verification_cert.pem_ to complete the verification.
1. The status of the primary certificate is now **Verified**:
:::image type="content" source="media/how-to-connect-devices-x509/verified.png" alt-text="Screenshot that shows a verified X509 certificate." lightbox="media/how-to-connect-devices-x509/verified.png":::
You can now connect devices that have an X.509 certificate derived from this primary root certificate.
After you save the enrollment group, make a note of the ID scope. You need it later.
### Run sample device code
:::zone pivot="programming-language-csharp"
If you're using Windows, the X.509 certificates must be in the Windows certificate store for the sample to work. In Windows Explorer, double-click on the PFX files you generated previously - `mytestrootcert.pfx` and `sampleDevice01.pfx`. In the **Certificate Import Wizard**, select **Current User** as the store location, enter `1234` as the password, and let the wizard choose the certificate store automatically. The wizard imports the certificates to the current user's personal store.
[!INCLUDE [iot-central-x509-csharp-code](../../../includes/iot-central-x509-csharp-code.md)]
To run the sample:
1. Add the following environment variables to the project:
- `IOTHUB_DEVICE_X509_CERT`: `<full path to folder that contains PFX files>sampleDevice01.pfx`
- `IOTHUB_DEVICE_X509_PASSWORD`: 1234.
1. Build and run the application. Verify the device provisions successfully.
:::zone-end
:::zone pivot="programming-language-java"
[!INCLUDE [iot-central-x509-java-code](../../../includes/iot-central-x509-java-code.md)]
To run the sample:
1. In your shell environment, add the following two environment variables. Make sure that you provide the full path to the PEM files and use the correct path delimiter for your operating system: