AWS JITP for IoT embedded system in ESP32

Question

Hello there AWS team!

I'm currently working on an IoT system that uses ESP32 microcontrollers. At the moment I'm able to connect to AWS IoT core and publish/subscribe to topics.

Now, I would like to provision different ESP32 without the need to create Thing, policies, rules, and so on.

I found this tutorial from AWS to use JITP: https://github.com/aws-samples/aws-iot-device-management workshop/blob/master/AWS_IoT_Device_Management_Workshop.md#JITP

If I understand correctly, I just need to upload those certificates and keys to my ESP32 memory, and then it will be business as usual?

My device is headless, so I don't have access to any command line and the current CA and keys are stored in memory.

It is the same process to do JITP?

Thanks in advance :)

Answer

Hi juanGomez,

with [just-in-time provisioning](https://docs.aws.amazon.com/iot/latest/developerguide/jit-provisioning.html) you can provision your devices automatically in AWS IoT Core when they connect for the first time to the service. You put your key and certificate - issued by your own CA - on your device and then you connect and the device get's provisioned.

You don't need any command line tools for provisioning on the device. You can find another walkthrough in the [IoT Device Management Workshop](https://catalog.us-east-1.prod.workshops.aws/workshops/7c2b04e7-8051-4c71-bc8b-6d2d7ce32727/en-US/provisioning-options/just-in-time-provisioning).

Cheers,  
Philipp

Answer

Hello juan,
unfortunately the Espressif  ESP32-C3 modules are sold with ThingName and Certificates already FLASHED and LOCKED by the manuifacturer, it's not possible to modify them.
Thati s the question: how can I automatically onboard 100 modules without registering them manually one by one into AWS IoT Core?
Many thanks for any solving answer.
Mauro Righetto

Answer

Hello Mauro,

there are several ways to do the provisioning step.

JITP works what you need to flash every device with different certificates and thingname.

Provision by claim is easier because you can flash all the devices with the same certificate, and once connected to AWS you will receive a new certificate and thingname.

Answer

Hello eveybody, I think I have quite the same provisioning problem.
I developed a product with the "ESP32-C3-MINI-1" module that is equipped with AWS ExpressLink protocol: it works properly after manually registration in AWS IoT Core.
Now my customer is ready to install hundreds of this product but I haven't understood how can I use the best provisioning method to automatically onboard the devices.
I read various user manuals about JITP but they talk about parameters that I don't have: the only parameters from any eSP32-C3 Express Link module are ThingName, its
Certificate and a common Certificate.
Any advice on how to proceed with this Espressif module?
Mauro Righetto - Italy

Answer

Hello again, I forgot to report important info about Espressif modules: ThingName and Certificates are recorded into the modules and they can't be modified.
Furthermore there is no way to have access the internal memory to add any other kind of parameter (keys, certificates and so on).
Regards
Mauro Righetto - Italy

AWS JITP for IoT embedded system in ESP32

관련 콘텐츠