My requirement is to develop a mobile app which itself registers the mobile device in an IoT hub using provisioning services.
I am developing a mobile application using React Native and the Azure IoT Java SDK. It is to send telemetry data to Azure IoT hub. However, I don't want to hard code the IoT connection details of each and every mobile device.
There I met the IoT provision services, which can be used to register the devices programmatically. My plan was to register the device upon the installation or at the first boot up of the app. But the online help sources mention that all the security attestation should be done by the manufacturer.
It seems I should store an X.509 intermediate certificate in the app and generate a leaf certificate to register the device. I feel this is a bad idea. What is the proper method to handle my situation?