search

u-blox / ubxlib

Portable C libraries which provide APIs to build applications with u-blox products and services. Delivered as add-on to existing microcontroller and RTOS SDKs.
Apache License 2.0
287 stars 82 forks source link

rewrite certificates after reboot #246

Closed mos216 closed 4 weeks ago

mos216 commented 1 month ago

Hello, based on the example (tls) I found that certificates are rewritten after each reboot.

the used gsm-modem = LenaR8-M10

` AT+USECMNG=4,1,"test_aws"

+USECMNG: 4,1,"test_aws","779F57D926322E562A0DBDDFD9D3652D"

OK certificate is not found!AT+USECMNG=0,1,"test_aws",1223

-----BEGIN CERTIFICATE-----xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=-----END CERTIFICATE----- +USECMNG: 0,1,"test_aws","779F57D926322E562A0DBDDFD9D3652D" OK AT+USECMNG=4,2,"ubxlib_test_client_key"

+USECMNG: 4,2,"ubxlib_test_client_key","8FE6DDDB64B8F82EA252B2BB5E3808E8"

OK AT+USECMNG=4,0,"ubxlib_test_ca_cert"

+USECMNG: 4,0,"ubxlib_test_ca_cert","A883A02DE0AD346426B3FB8A1B933D84"

OK Creating socket... AT+USOCR=6

+USOCR:0

OK U_SOCK: socket created, descriptor 0, network handle 0x20008e70, socket handle 0. AT+USECPRF=0

OK AT+USECPRF=0,3,"ubxlib_test_ca_cert"

OK AT+USECPRF=0,5,"test_aws"

OK AT+USECPRF=0,6,"ubxlib_test_client_key"

OK AT+USECPRF=0,0,1

OK AT+USOSEC=0,1,0

`

RobMeades commented 1 month ago

Hi mos216: first thing to check is, have you updated gUEchoServerClientCertHash to match the hash of your own "test_aws" key? The example compares the expected hash of the certificate with the hash of the u-blox echo server certificate, since that is what it is expecting to have been written?

mos216 commented 4 weeks ago

HI Rob, is true. It seems that I forgot to update the hash values. Now it is working after the update. thanks , this issue can be closed!

Thank you for your support