AWS JITP for IoT embedded system in ESP32


Hello there AWS team!

I'm currently working on an IoT system that uses ESP32 microcontrollers. At the moment I'm able to connect to AWS IoT core and publish/subscribe to topics.

Now, I would like to provision different ESP32 without the need to create Thing, policies, rules, and so on.

I found this tutorial from AWS to use JITP: workshop/blob/master/

If I understand correctly, I just need to upload those certificates and keys to my ESP32 memory, and then it will be business as usual?

My device is headless, so I don't have access to any command line and the current CA and keys are stored in memory.

It is the same process to do JITP?

Thanks in advance :)

5 Answers

Hello juan, unfortunately the Espressif ESP32-C3 modules are sold with ThingName and Certificates already FLASHED and LOCKED by the manuifacturer, it's not possible to modify them. Thati s the question: how can I automatically onboard 100 modules without registering them manually one by one into AWS IoT Core? Many thanks for any solving answer. Mauro Righetto

answered a year ago
  • Hi Mauro Righetto,Did you find a way to do that? If there is a way can you explain it to me. shani


Hi juanGomez,

with just-in-time provisioning you can provision your devices automatically in AWS IoT Core when they connect for the first time to the service. You put your key and certificate - issued by your own CA - on your device and then you connect and the device get's provisioned.

You don't need any command line tools for provisioning on the device. You can find another walkthrough in the IoT Device Management Workshop.


answered a year ago

Hello eveybody, I think I have quite the same provisioning problem. I developed a product with the "ESP32-C3-MINI-1" module that is equipped with AWS ExpressLink protocol: it works properly after manually registration in AWS IoT Core. Now my customer is ready to install hundreds of this product but I haven't understood how can I use the best provisioning method to automatically onboard the devices. I read various user manuals about JITP but they talk about parameters that I don't have: the only parameters from any eSP32-C3 Express Link module are ThingName, its Certificate and a common Certificate. Any advice on how to proceed with this Espressif module? Mauro Righetto - Italy

answered a year ago

Hello again, I forgot to report important info about Espressif modules: ThingName and Certificates are recorded into the modules and they can't be modified. Furthermore there is no way to have access the internal memory to add any other kind of parameter (keys, certificates and so on). Regards Mauro Righetto - Italy

answered a year ago

Hello Mauro,

there are several ways to do the provisioning step.

JITP works what you need to flash every device with different certificates and thingname.

Provision by claim is easier because you can flash all the devices with the same certificate, and once connected to AWS you will receive a new certificate and thingname.

answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions