Using X509 to Provision Devices in IoT Central outputs json auth key errors

%3CLINGO-SUB%20id%3D%22lingo-sub-935063%22%20slang%3D%22en-US%22%3EUsing%20X509%20to%20Provision%20Devices%20in%20IoT%20Central%20outputs%20json%20auth%20key%20errors%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-935063%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20are%20using%20an%20ESP32%20to%20connect%20to%20IoT%20Central.%20We%20have%20been%20connecting%20using%20symm%20keys%20but%20now%20we%20are%20wanting%20to%20move%20forward%20to%20production%20and%20need%20to%20use%20x509%20instead.%20But%20when%20using%20the%20following%20example%20from%20esp-azure%2C%20I%20get%20the%20following%20error%3A%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2Fespressif%2Fesp-azure%2Ftree%2Fmaster%2Fexamples%2Fprov_dev_client_ll_sample%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fgithub.com%2Fespressif%2Fesp-azure%2Ftree%2Fmaster%2Fexamples%2Fprov_dev_client_ll_sample%3C%2FA%3E%3C%2FSPAN%3E%3CSPAN%3E%26nbsp%3B%3CBR%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CPRE%3E%26lt%3B-%2014%3A36%3A06%20PUBLISH%20%7C%20IS_DUP%3A%20false%20%7C%20RETAIN%3A%200%20%7C%20QOS%3A%20DELIVER_AT_LEAST_ONCE%20%3D%200x01%20%7C%20TOPIC_NAME%3A%20%24dps%2Fregistrations%2Fres%2F401%2F%3F%24rid%3D1%20%7C%20PACKET_ID%3A%202%20%7C%20PAYLOAD_LEN%3A%20156%0AError%3A%20Time%3ATue%20Oct%2022%2014%3A36%3A06%202019%20File%3A*%2Fesp-azure%2Fazure-iot-sdk-c%2Fprovisioning_client%2Fsrc%2Fprov_device_ll_client.c%20Func%3Aprov_transport_process_json_reply%20Line%3A323%20failure%20retrieving%20json%20auth%20key%20value%0AError%3A%20Time%3ATue%20Oct%2022%2014%3A36%3A06%202019%20File%3A*%2Fesp-azure%2Fazure-iot-sdk-c%2Fprovisioning_client%2Fsrc%2Fprov_transport_mqtt_common.c%20Func%3Aprov_transport_common_mqtt_dowork%20Line%3A965%20Unable%20to%20process%20registration%20reply.%0AI%20(7640)%20AZURE_LIB%3A%20Doing%20SDK%20Work%0AError%3A%20Time%3ATue%20Oct%2022%2014%3A36%3A06%202019%20File%3A*%2Fesp-azure%2Fazure-iot-sdk-c%2Fprovisioning_client%2Fsrc%2Fprov_device_ll_client.c%20Func%3Aon_transport_registration_data%20Line%3A572%20Failure%20retrieving%20data%20from%20the%20provisioning%20service%0AFailure%20encountered%20on%20registration%20PROV_DEVICE_RESULT_PARSING%0AE%20(7680)%20esp-tls%3A%20write%20error%20%3A-80%3A%0AInfo%3A%20Error%20from%20SSL_write%3A%20-80%0A-%26gt%3B%2014%3A36%3A06%20DISCONNECT%0AError%3A%20Time%3ATue%20Oct%2022%2014%3A36%3A06%202019%20File%3A*%2Fesp-azure%2Fport%2Fsrc%2Ftlsio_esp_tls.c%20Func%3Atlsio_esp_tls_destroy%20Line%3A152%20tlsio_esp_tls_destroy%20called%20while%20not%20in%20TLSIO_STATE_CLOSED.%0AI%20(7700)%20AZURE_LIB%3A%20Registeration%20Failed...%3C%2FPRE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20there%20a%20special%20route%20I%20need%20to%20take%20to%20implement%20dps%20to%20connect%20to%20IoT%20Central%3F%20Documentation%20do%20not%20do%20a%20good%20job%20in%20explaining%20the%20actual%20code%20needed%20to%20connect%20to%20IoT%20Central%20specifically.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-939085%22%20slang%3D%22en-US%22%3ERe%3A%20Using%20X509%20to%20Provision%20Devices%20in%20IoT%20Central%20outputs%20json%20auth%20key%20errors%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-939085%22%20slang%3D%22en-US%22%3EGreetings%20-%20can%20you%20give%20us%20some%20more%20information.%3CBR%20%2F%3E%3CBR%20%2F%3E1.%20Have%20you%20created%20a%20device%20in%20IoTCentral%20%3F%3CBR%20%2F%3E2.%20Also%20have%20you%20uploaded%20the%20root%20cert%20you%20are%20using%20here%20to%20the%20IoT%20Central%20app.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-939108%22%20slang%3D%22en-US%22%3ERe%3A%20Using%20X509%20to%20Provision%20Devices%20in%20IoT%20Central%20outputs%20json%20auth%20key%20errors%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-939108%22%20slang%3D%22en-US%22%3E%3CP%3EActually%20was%20able%20to%20resolve%20the%20issue.%20Turns%20out%20it%20was%20just%20a%20x509%20cert%20creation%20error.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you!%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-939121%22%20slang%3D%22en-US%22%3ERe%3A%20Using%20X509%20to%20Provision%20Devices%20in%20IoT%20Central%20outputs%20json%20auth%20key%20errors%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-939121%22%20slang%3D%22en-US%22%3EGot%20it%2C%20let%20us%20know%20how%20we%20can%20help.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-939144%22%20slang%3D%22en-US%22%3ERE%3A%20Using%20X509%20to%20Provision%20Devices%20in%20IoT%20Central%20outputs%20json%20auth%20key%20errors%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-939144%22%20slang%3D%22en-US%22%3EThank%20you!%20Actually%20just%20had%20a%20question%20that%20popped%20up%20in%20my%20head.%20Is%20there%20anyway%20around%20the%20idea%20of%20hard%20coding%20in%20the%20scope%20id%20for%20the%20DPS%20for%20the%20IoT%20Central%20to%20make%20our%20devices%20more%20susceptible%20for%20IoT%20Central%20app%20changes%20%3F%3C%2FLINGO-BODY%3E
Highlighted
Occasional Contributor

We are using an ESP32 to connect to IoT Central. We have been connecting using symm keys but now we are wanting to move forward to production and need to use x509 instead. But when using the following example from esp-azure, I get the following error: 

https://github.com/espressif/esp-azure/tree/master/examples/prov_dev_client_ll_sample 

<- 14:36:06 PUBLISH | IS_DUP: false | RETAIN: 0 | QOS: DELIVER_AT_LEAST_ONCE = 0x01 | TOPIC_NAME: $dps/registrations/res/401/?$rid=1 | PACKET_ID: 2 | PAYLOAD_LEN: 156
Error: Time:Tue Oct 22 14:36:06 2019 File:*/esp-azure/azure-iot-sdk-c/provisioning_client/src/prov_device_ll_client.c Func:prov_transport_process_json_reply Line:323 failure retrieving json auth key value
Error: Time:Tue Oct 22 14:36:06 2019 File:*/esp-azure/azure-iot-sdk-c/provisioning_client/src/prov_transport_mqtt_common.c Func:prov_transport_common_mqtt_dowork Line:965 Unable to process registration reply.
I (7640) AZURE_LIB: Doing SDK Work
Error: Time:Tue Oct 22 14:36:06 2019 File:*/esp-azure/azure-iot-sdk-c/provisioning_client/src/prov_device_ll_client.c Func:on_transport_registration_data Line:572 Failure retrieving data from the provisioning service
Failure encountered on registration PROV_DEVICE_RESULT_PARSING
E (7680) esp-tls: write error :-80:
Info: Error from SSL_write: -80
-> 14:36:06 DISCONNECT
Error: Time:Tue Oct 22 14:36:06 2019 File:*/esp-azure/port/src/tlsio_esp_tls.c Func:tlsio_esp_tls_destroy Line:152 tlsio_esp_tls_destroy called while not in TLSIO_STATE_CLOSED.
I (7700) AZURE_LIB: Registeration Failed...

 

 

Is there a special route I need to take to implement dps to connect to IoT Central? Documentation do not do a good job in explaining the actual code needed to connect to IoT Central specifically. 

 

 

4 Replies
Highlighted
Greetings - can you give us some more information.

1. Have you created a device in IoTCentral ?
2. Also have you uploaded the root cert you are using here to the IoT Central app.
Highlighted

Actually was able to resolve the issue. Turns out it was just a x509 cert creation error. 

 

Thank you! 

Highlighted
Got it, let us know how we can help.
Highlighted
Thank you! Actually just had a question that popped up in my head. Is there anyway around the idea of hard coding in the scope id for the DPS for the IoT Central to make our devices more susceptible for IoT Central app changes ?