Hi everyone,
we are currently developing a customer product, which connects to an Azure IoT Hub instance using DPS. We successfully tested this connection (over MQTT, TLS, X509) and it works so far. But along the developent there came up an interesting question:
Is it possible to pre-program a set of certificates which is common for all devices (hard code in firmware) ?
If yes, does the device get the individual certificates from the DPS service when it connects the first time?
This procedere would reduce the complexity and overhead in the device production at our partner facility which assembles the pcbs and makes the final tests.
We already did some reasearch on this topic, but we didn't get a clear answer if (and how) this would work. Maybe it works by creating an enrollment group on at the Azure IoT Hub, but then we have to create still individual certificates for each device (which we want to avoid). All guideline and tutorials show how to create those certificates for an individual device, but not (if possible) how to preprogram a shared certificate.
Maybe someone as some knowledge or a advice for us. Did someone already something as described above or is it impossible and we have to create for each new device those individual certificates?
Thanks in advance!
Thomas
