Azure Provisioning service example not working for node

Question

I followed the node.js tutorial to register device throuh Azure DPS(device provisioning service) @ https://docs.microsoft.com/en-us/azure/iot-dps/quick-create-simulated-device-x509-node . For individual device enrollment it succedded, but when I try to register devices through enrollment groups it fails. I used "create_test-cert.js root" to generate my root certificate and

create_test-cert.js verification --ca {rootcertificate_cert
.pem} --key {rootcertificate_key.pem} --nonce {verificationKey}

to verify . I also used create_test-cert.js device {leafcertificate} {rootcertificate-name} to create the device certificate. Finally I used register_x509.js file to register my device to Azure. Executing this file I have the following error

azure-iot-provisioning-device:X509Registration registrationId: first +0ms
  azure-iot-provisioning-device:PollingStateMachine register called for registrationId "first" +0ms
  azure-iot-provisioning-device:PollingStateMachine completed transition from disconnected to sendingRegistrationRequest +0ms
  azure-iot-provisioning-device-http:Http submitting PUT for first to /0ne00015676/registrations/first/register?api-version=2017-11-15 +0ms
  azure-iot-provisioning-device-http:Http {"registrationId":"first"} +0ms
  azure-iot-provisioning-device-http:Http error executing PUT: UnauthorizedError: Error: {"errorCode":401002,"trackingId":"e6b9c185-64c4-4535-8d23-a7625dd3e011","message":"Unauthorized","timestampUtc":"2018-04-23T12:21:56.1390465Z"} +353ms

Error code "401002 is IotHubUnauthorizedAccess "

thanks

What is "DPS?" It's helpful to define acronyms. Also, it's unclear what tutorial you're referring to, and without much context around this question, it's unclear what, specifically, you're attempting to do, or what the expected outcome is (other than it involves Azure IoT). Please edit your question accordingly. — David Makogon
Hi Michael, I'm currently on the master branch of azure-iot-sdk-node and yes I have linked my iotHub to DPS. Do you know if I can find some logs in AZure portal explaining the problem. I don't know if the problem is link to my certificate or by something else. — stef

Michael Xu - MSFT Michael Xu - MSFT · Accepted Answer · 2018-04-24T09:25:46

I have tested with the latest version SDK. It works. Following are my operation steps.

Update:

Generate the root ca certificate file with the command(testRootCert_cert.pem,testRootCert_fullchain.pem,testRootCert_key.pem would be genetated in tools folder):

node create_test_cert.js root

Add a certificate named "root" in Certificates, and upload the root ca file(testRootCert_cert.pem).
Generate the verification Code and create the verification ca file with this command,upload the verification_cert.pem file, the status "root" will be "Verified":

node create_test_cert.js verification --ca testRootCert_cert.pem --key testRootCert_key.pem --nonce {verification code}

Create the enrollment group following this guide, an enrollment group named "first" will be created:

node create_enrollment_group.js "" "testRootCert_cert.pem"

Generate the certificate file for the device to enroll to the group via following command.

node create_test_cert.js device device01 testRootCert

Copy the device01 _cert.pem,device01 _fullchain.pem, and device01 _key.pem to '\device\samples' folder,and modify provisioning host,id scope, registration id(here as 'first' named),cert filename and key filename. Please refer to this document.

var provisioningHost = '{your provisioning Host}'; var idScope = '{your id scope}'; var registrationId = 'device01'; var deviceCert = { cert: fs.readFileSync('device01_cert.pem').toString(), key: fs.readFileSync('device01_key.pem').toString() };

At last, run node register_x509.js to assign the device. The message will be shown as :

registration succeeded
assigned hub={iothub host}
deviceId=device01

Please node that the Device Provisioning Service should be linked to your IoT Hub.

Azure Provisioning service example not working for node

3 Answers