问题
My requirement is to develop a mobile app which itself register the mobile device in an IoT hub using provisioning services.
I am developing a mobile application using react native and Azure IoT Java SDK. It is to send telemetry data to Azure IoT hub. However I don't want to hard code the IoT connection details of each and every mobile devices.
There I met the IoT provision services which can be used to register the devices programmatically. My plan was to register device upon the installation or at the first boot up of the app. But the online help sources mentions that all the security attestation should be done by the manufacturer.
It seems I should store an x.509 intermediate certificate in the app and generate a leaf certificate to register the device. I feel this is a bad idea. What is the proper method to handle my situation?
回答1:
You can consider using symmetric key to provision via the Device Provisioning Service. Here are some links for your reference:
- Documentation on Symmetric Key
- Commit in the Java SDK that added symmetric key support
You can also use X.509 certificate. If you have the leaf certificate on the device, you can register the signing cert with the Device Provisioning Service and use enrollment group.
来源:https://stackoverflow.com/questions/55473488/how-to-provision-an-azure-iot-device-from-a-mobile-app