Azure C SDK sample device provision program unauthorized connection-CodePudding

I am trying to connect a device to be provisioned using Azure IoT.

I have tried creating certificates in multiple ways following multiple tutorials on Azure SDK github and Azure documentation.

I am using a sample program prov_dev_client_ll_x509_sample found here and modified only the id_scope, registration_id, x509certificate and x509privatekey.

Here are the logs from the program.

Provisioning API Version: 1.9.1
Iothub API Version: 1.9.1
-> 12:35:15 CONNECT | VER: 4 | KEEPALIVE: 0 | FLAGS: 130 | USERNAME: XXX&ClientVersion=1.9.1 | CLEAN: 1
<- 12:35:15 CONNACK | SESSION_PRESENT: false | RETURN_CODE: 0x0
-> 12:35:15 SUBSCRIBE | PACKET_ID: 1 | TOPIC_NAME: $dps/registrations/res/# | QOS: 1
Provisioning Status: PROV_DEVICE_REG_STATUS_CONNECTED
<- 12:35:15 SUBACK | PACKET_ID: 1 | RETURN_CODE: 1
-> 12:35:15 PUBLISH | IS_DUP: false | RETAIN: 0 | QOS: DELIVER_AT_MOST_ONCE | TOPIC_NAME: $dps/registrations/PUT/iotdps-register/?$rid=1 | PAYLOAD_LEN: 33
<- 12:35:15 PUBLISH | IS_DUP: false | RETAIN: 0 | QOS: DELIVER_AT_LEAST_ONCE | TOPIC_NAME: $dps/registrations/res/202/?$rid=1&retry-after=3 | PACKET_ID: 2 | PAYLOAD_LEN: 94
-> 12:35:15 PUBACK | PACKET_ID: 2
Provisioning Status: PROV_DEVICE_REG_STATUS_ASSIGNING
-> 12:35:18 PUBLISH | IS_DUP: false | RETAIN: 0 | QOS: DELIVER_AT_MOST_ONCE | TOPIC_NAME: $dps/registrations/GET/iotdps-get-operationstatus/?$rid=2&operationId=XXX | PAYLOAD_LEN: 33
<- 12:35:18 PUBLISH | IS_DUP: false | RETAIN: 0 | QOS: DELIVER_AT_LEAST_ONCE | TOPIC_NAME: $dps/registrations/res/200/?$rid=2 | PACKET_ID: 2 | PAYLOAD_LEN: 539
-> 12:35:18 PUBACK | PACKET_ID: 2
Error: Time:Wed Nov 16 12:35:18 2022 File:XXX/provisioning_client/src/prov_device_ll_client.c Func:prov_transport_process_json_reply Line:665 Provisioning Failure: OperationId: XXX - Date: 2022-11-16T10:35:16.1700914Z - Msg: {"Message":"ErrorCode:IotHubUnauthorizedAccess;Unauthorized","ExceptionMessage":"Tracking ID:88b6478739ba4e5aa031400ff6df0078-G:0-TimeStamp:11/16/2022 10:35:15"}
Error: Time:Wed Nov 16 12:35:18 2022 File:XXX/provisioning_client/src/prov_transport_mqtt_common.c Func:prov_transport_common_mqtt_dowork Line:979 Unable to process registration reply.
Error: Time:Wed Nov 16 12:35:18 2022 File:XXX/provisioning_client/src/prov_device_ll_client.c Func:on_transport_registration_data Line:777 Failure retrieving data from the provisioning service
Failure encountered on registration PROV_DEVICE_RESULT_DEV_AUTH_ERROR
-> 12:35:18 DISCONNECT
registration failed!

It seems that the requests at first return success as seen by $dps/registrations/res/200/?$rid=2 but the error message does not provide much insight to the problem. Has anyone encountered this error?

CodePudding user response：

The first 200 reply is just the MQTT connection; it's not the actual DPS transaction.

There's not enough information in the question to be sure, but I'm guessing you didn't properly configure the provisioning side in DPS - see https://learn.microsoft.com/en-us/azure/iot-dps/quick-create-simulated-device-x509?tabs=windows&pivots=programming-language-ansi-c#create-a-device-enrollment which gets into details on this. (it's too long to do the "quick summary" thing and the docs and Portal change often enough that the summary would very possibly be out of date in the future anyway)

CodePudding user response：

Issue was that DPS does not have access to my IoT hub. To resolve the issue I removed and added back the IoT Hub to the DPS in Azure Portal.

Credit to Eric Woltz for the answer (https://github.com/Azure/azure-iot-sdk-c/issues/2404#issuecomment-1317558000).