Hi,
The certificates in TLS are X.509 and are transmitted in .der format, but TLS implementations usually can load/import them from .pem format as well.
The key exchange mode and the exact certificate being sent are negotiated by the client and the server and depend on their configuration and capabilities.
Here are some diagrams on the different versions: https://tls12.xargs.org/ https://tls13.xargs.org/
I hope this helps.
Regards, Janos
From: Satya Prakash Prasad via mbed-tls <mbed-tls@lists.trustedfirmware.org>
Date: Saturday, 13 January 2024 at 13:42
To: mbed-tls@lists.trustedfirmware.org <mbed-tls@lists.trustedfirmware.org>
Subject: [mbed-tls] MBed TLS Tutorial

Hi,
Referring to the example in https://mbed-tls.readthedocs.io/en/latest/kb/how-to/mbedtls-tutorial/ (secure connection), does the secret key exchange take place between server and client?
Is there any flowchart / diagram that states what happens during the server client connection - how the keys are exchanged and what types of certs are exchanged, I mean like .pem, X.509 etc?
Can we take it this way: be it any type of certificate, the code implementation is the same for all TLS communication?
Thanks in advance.
Regards, Prakash
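
The relationship between the two formats mentioned in the reply, as an added example that is not part of the thread and not Mbed TLS code: PEM is base64 armor around the same DER bytes that go on the wire. The function names are hypothetical, the sample is a constructed 8-byte DER SEQUENCE rather than a real certificate, and length fields longer than two bytes are rejected as a simplification.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: not a real certificate, only DER 30 06 02 01 01 02 01 02 in PEM armor. */
static const char SAMPLE_PEM[] =
    "-----BEGIN CERTIFICATE-----\n"
    "MAYCAQECAQI=\n"
    "-----END CERTIFICATE-----\n";

static int b64val(char c) {
    static const char tbl[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    const char *p = c ? strchr(tbl, c) : NULL;
    return p ? (int)(p - tbl) : -1;
}

/* Strip the armor and base64-decode the body; returns DER length or -1 on bad input/overflow. */
long pem_to_der(const char *pem, unsigned char *out, size_t cap) {
    static const char BEGIN[] = "-----BEGIN CERTIFICATE-----";
    const char *p = strstr(pem, BEGIN);
    const char *end = p ? strstr(p, "-----END CERTIFICATE-----") : NULL;
    unsigned acc = 0; int bits = 0, v; size_t n = 0;
    if (!end) return -1;
    for (p += sizeof(BEGIN) - 1; p < end && *p != '='; p++) {
        if (*p == '\n' || *p == '\r' || *p == ' ') continue;
        if ((v = b64val(*p)) < 0) return -1;
        acc = (acc << 6) | (unsigned)v; bits += 6;
        if (bits < 8) continue;            /* not a full byte yet */
        if (n >= cap) return -1;
        bits -= 8; out[n++] = (unsigned char)(acc >> bits);
    }
    return (long)n;
}

/* Outer tag must be SEQUENCE (0x30); returns header + content length, or -1 if truncated. */
long der_total_len(const unsigned char *der, size_t n) {
    size_t len, hdr = 2;
    if (n < 2 || der[0] != 0x30) return -1;
    if ((len = der[1]) & 0x80) {           /* long form: low 7 bits = number of length bytes */
        size_t k = len & 0x7f;
        if (k == 0 || k > 2 || n < 2 + k) return -1;   /* assumption: at most 2 length bytes */
        for (len = 0; hdr < 2 + k; hdr++) len = (len << 8) | der[hdr];
    }
    return (hdr + len <= n) ? (long)(hdr + len) : -1;
}

int main(void) {
    unsigned char der[64];
    long n = pem_to_der(SAMPLE_PEM, der, sizeof der);
    printf("DER bytes: %ld, outer object: %ld\n", n, n < 0 ? -1 : der_total_len(der, (size_t)n));
    return n < 0;
}
```

In Mbed TLS itself, `mbedtls_x509_crt_parse()` accepts either form; for PEM input the buffer must be NUL-terminated and the length passed must include that terminator.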