ESP32 downloads certificates from the cloud
We rule this option out due following drawbacks
- File handling with limited ESP32 resources is tedious
- Takes up valuable flash space which could be used by the application firmware.
- Out of production line, connecting every device to Wi-Fi is time consuming.
Mobile App provisions the device on first use
- The device advertises over BLE
- The mobile app connects to the device
- The app downloads and installs the certificates
- The app also configures the Wi-Fi credentials and connects the device to AWS IOT
For a consumer facing product with an accompanying Mobile App, this is a very good choice for the following reasons.
- Integrating AWS IOT device provisioning workflows on mobile app is relatively easier.
- The first use of the device by end user can be authenticated via mobile app
- Other product configuration or customization can be done along with the provisioning process
- Makes product deployments across geographies easier.
- The app development has additional BLE Integration
Assembly line provisioning
Build a manufacturing support tool (MST) that runs on the computer. It performs the following tasks.
- Integrate AWS IOT provisioning APIs in the MST
- The MST connects to internet and downloads the certificates and flashes via USB or Serial port
- Improves end user experience with least steps
- Provisioning happens straight out of the production line
- Ensuring security at the assembly line is important, the MST should ensure that.
- The device will need internet connection on the assembly line.
The accompanying mobile app is the solution that we recommend. How are you accomplishing the ESP32 AWS-IOT provisioning?