Hello

First I would like to say that I hope this is the right place to ask this. Should it not be any Info on where I should post about this would be greatly appreciated. Thank you all in advance.

I am currently working on an IoT Project for my Bachelor’s thesis. The goal is to gather data from an existing machine and send it to an Azure cloud via AMQP. To do this I have set up an [IoT Hub](https://azure.microsoft.com/en-us/services/iot-hub/) and will be using the [Azure IoT Edge runntime](https://azure.microsoft.com/en-us/services/iot-edge/) to connect and send the Data. For initial development, I have authenticated my devices to the cloud using symmetric keys generated by the IoT hub. Now I want to switch to something more secure. All my Devices come with a TPM 2.0 Module. It is possible to use this to [authenticate my devices via the Azure DPS Service](https://docs.microsoft.com/en-us/azure/iot-dps/quick-enroll-device-tpm?tabs=symmetrickey&pivots=programming-language-java). To do this I need the EK and the Registration ID of the TPM. I have already installed the [tpm2-library](https://tpm2-tools.readthedocs.io/en/stable/) and can interact with my TPM. I tried getting the EK using the command:

`tpm2_getekcertificate -o ECcert.bin`

as per [the documentation](https://tpm2-tools.readthedocs.io/en/stable/man/tpm2_getekcertificate.1/) of the tpm2-tools. The response is

`tpm2_getekcertificate: command not found`

Possible errors:

1. I am using the command wrong
2. I am using the wrong command
3. There is no EK yet as I have not taken ownership of the TPM and therefore none was created. In this case, I would need to create an EK but I don’t know how to do that.

Any help would be greatly appreciated.

Share This Discussion

Leave a Comment

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.