5.11.3. Ease of Use configuration - Azure IoT Hub¶
5.11.3.1. Creating Device on Azure DPS¶
Follow Raspberry Pi Build or i.MX Linux Build to prepare your board.
You will need to read-out the device certificates using ssscli tool.
If you wish to use an embedded microcontroller, follow the steps given below.
Flash vcom binary present in
binaries
folder onto the board.Read out the device certificate from the SE using
ssscli.exe
present inbinaries/PCWindows/ssscli
directory.
Refer to section Trust provisioned KeyIDs for keyIDs of trust provisioned certificates.
Read out the trust provisioned certificate as:
ssscli connect se05x vcom COMxx ssscli get cert <trust_provisioned_keyid> <filename> ssscli disconnect
Note
Give connection parameters according to your board. Refer to List of ssscli commands for details on supported parameters.
Device certificate will be stored at the file location provided.
Note
Give extension of the filename as .cer to store in PEM format
Parse the extracted certificate using a cryptography tool such as OpenSSL to see the subject common name. This common name should be the name of the device registered on the Azure DPS.
On your Azure portal, go to Azure DPS and create an Individual Enrollment. Enter the DeviceID as the subject name extracted in the previous step and in Primary Certificate, upload the extracted device certificate. You do not need to upload secondary certificate.
Note
Ensure that your DPS is linked to IoT Hub.
Select the device as an Edge device and save the configuration.
5.11.3.2. Registering Device to IoT Hub¶
To register the saved device to IoT Hub, you would need a Linux platform. Run the following command to create a reference key file to be used with OpenSSL engine:
ssscli connect se05x t1oi2c none ssscli refpem ecc/rsa pair <trust_provisioned_keyid> keyref.pem ssscli disconnect
Build the OpenSSL engine:
cd simw-top python scripts/create_cmake_projects.py cd ../simw-top_build/<board>_native_se050_t1oi2c cmake --build . make install ldconfig /usr/local/lib
Based on OpenSSL version, select the appropriate configuration file in
<MW_SRC_DIR>/simw-top/demos/linux/common
directory:openssl11_sss_se050.cnf ----- OpenSSL 1.1.1 and SE050 openssl_sss_se050.cnf ----- OpenSSL 1.0.0 and SE050
Set the openssl config path as:
$ export OPENSSL_CONF=/simw-top/demos/linux/common/<appropriate-cnf-file>
Follow the steps listed in Create device enrollment in azure IoT Hub portal to register your device to the linked IoT Hub.
If you do not have a linux platform, follow the steps listed in https://docs.microsoft.com/en-us/azure/iot-dps/tutorial-provision-device-to-hub to register your device to IoT Hub.
5.11.3.3. Running Azure Demo¶
This step is only for Linux platforms. If you wish to use an embedded microcontroller, continue to the next step
Running Azure registration application successfully would have generated a JSON file to connect to your device. Use this JSON file to connect to Azure as:
./azure_imx_connect --json <JSON-file>
Where JSON-file is the generated file.
5.11.3.4. Update cloud example¶
In file demos/ksdk/azure/azure_iot_config.h
, update AZURE_IOT_HUB_NAME
,
AZURE_LOCATION_NAME
and AZURE_DEVICE_NAME
according to your credentials and
update keyIDs of Trust Provisioned keys and certificates used (as
obtained from Trust provisioned KeyIDs):
#define AZURE_IOT_HUB_NAME "NXPIoTHub"
#define AZURE_LOCATION_NAME "bengaluru"
#define AZURE_DEVICE_NAME "528951164068620272177235"
#define AZURE_IOT_KEY_INDEX_SM 0x223344 ///< Index where client key is kept //Decimal - 2241348
#define AZURE_IOT_CLIENT_CERT_INDEX_SM 0x223345 ///< Index where client certificate is kept //Decimal - 2241349
5.11.3.5. Build and run the demo.¶
Build and run cloud_azure
.
CMake configurations:
RTOS_FreeRTOS
: ONSSS_HAVE_HOSTCRYPTO_MBEDTLS
: ONSSS_HAVE_MBEDTLS_ALT_SSS
: ON