As explained in the previous articles, IoT devices can be connected to the IoT hub in two ways that are either using Device Provisioning Service (DPS) or directly to the IoT hub. So let's learn how to add X.509 device on the Device Provisioning Service, then in the next article we will register the same device on Azure IoT Hub.
We need a created Device Provisioning Service instance on Azure and same we have created in our last articles. You can read by using the following link.
Step 1: Login To Azure Portal
Login into the Azure portal and find the device provisioning service which we have created in the How To Create Azure Device Provisioning Service article. If you haven't created it, then please follow the steps shown in the article and create the same.
I hope you have device provisioning services using the Azure portal. Now find the option to manage enrollments as shown in the following image.
Device Provisioning Service (DPS) provide the following two concepts,
- Individual Enrollment
- Group Enrollment
What is Individual Enrollment?
What is Attestation Mechanism?
The attestation mechanism is the process of cross verifying the enrolled device identity during the device registration on IoT Hub. Device Provisioning Service supports the following attestation mechanism.
Device Enrollment Using X.509
IoT Hub Device Id
Provide the Device Id name which is unique per the X.509 certificate. This is optional, if you do not provide the device Id, then the registration id becomes the deviceid on the Azure IoT hub.
IoT Edge Device
Choose between true or false, which indicates that if it's true, then it's an edge device, else it's an IoT device.
Device Allocation Policy
This chosen policy decides how IoT devices allocate to the IoT Hub. You can read my previous article to understand the details about the device allocation policies.
Choose IoT Hub
DPS can be linked with multiple IoT Hubs, you can choose on which IoT hub device should register or you can let it decide by device allocation policy.
Device Re-Provisioning Policy
There may be a requirement to re-provision the device, so during this process, it allows whether to keep the previous data or not.
Initial Device Twin State
The initial device twin allows storing the custom properties about the device or whatever you want. Mostly, the device twin is used to keep the device-related information such as the path of the device upgrade package file or client details etc.
This option allows enabling to disable the enrollment entry. Now providing all the above details, click the save button. After successfully creating the enrollment entry, the following notification will be shown.
In the preceding image, you see the registration id as mydevice, which is from the certificate common name (CN).
I hope this article is useful to understand how to add the X.509 device on the Azure device provisioning service. In this series of Azure IoT, next, we will learn about the enrollment group of devices.