Azure Provisioning service example not working for node

Question

I followed the node.js tutorial to register device throuh Azure DPS(device provisioning service) @ https://learn.microsoft.com/en-us/azure/iot-dps/quick-create-simulated-device-x509-node . For individual device enrollment it succedded, but when I try to register devices through enrollment groups it fails. I used "create_test-cert.js root" to generate my root certificate and

create_test-cert.js verification --ca {rootcertificate_cert
.pem} --key {rootcertificate_key.pem} --nonce {verificationKey}

to verify . I also used create_test-cert.js device {leafcertificate} {rootcertificate-name} to create the device certificate. Finally I used register_x509.js file to register my device to Azure. Executing this file I have the following error

azure-iot-provisioning-device:X509Registration registrationId: first +0ms
  azure-iot-provisioning-device:PollingStateMachine register called for registrationId "first" +0ms
  azure-iot-provisioning-device:PollingStateMachine completed transition from disconnected to sendingRegistrationRequest +0ms
  azure-iot-provisioning-device-http:Http submitting PUT for first to /0ne00015676/registrations/first/register?api-version=2017-11-15 +0ms
  azure-iot-provisioning-device-http:Http {"registrationId":"first"} +0ms
  azure-iot-provisioning-device-http:Http error executing PUT: UnauthorizedError: Error: {"errorCode":401002,"trackingId":"e6b9c185-64c4-4535-8d23-a7625dd3e011","message":"Unauthorized","timestampUtc":"2018-04-23T12:21:56.1390465Z"} +353ms

Error code "401002 is IotHubUnauthorizedAccess "

thanks

Answer 1

I have tested with the latest version SDK. It works. Following are my operation steps.

Update:

1. Generate the root ca certificate file with the command(testRootCert_cert.pem,testRootCert_fullchain.pem,testRootCert_key.pem would be genetated in tools folder):

node create_test_cert.js root

2. Add a certificate named "root" in Certificates, and upload the root ca file(testRootCert_cert.pem).

3. Generate the verification Code and create the verification ca file with this command,upload the verification_cert.pem file, the status "root" will be "Verified":

node create_test_cert.js verification --ca testRootCert_cert.pem --key testRootCert_key.pem --nonce {verification code}

4. Create the enrollment group following this guide, an enrollment group named "first" will be created:

node create_enrollment_group.js "" "testRootCert_cert.pem"

5. Generate the certificate file for the device to enroll to the group via following command.

node create_test_cert.js device device01 testRootCert

6. Copy the device01 _cert.pem,device01 _fullchain.pem, and device01 _key.pem to '\device\samples' folder,and modify provisioning host,id scope, registration id(here as 'first' named),cert filename and key filename. Please refer to this document.

var provisioningHost = '{your provisioning Host}'; var idScope = '{your id scope}'; var registrationId = 'device01'; var deviceCert = { cert: fs.readFileSync('device01_cert.pem').toString(), key: fs.readFileSync('device01_key.pem').toString() };

7. At last, run node register_x509.js to assign the device. The message will be shown as :

registration succeeded
assigned hub={iothub host}
deviceId=device01

Please node that the Device Provisioning Service should be linked to your IoT Hub.