Dmitrij Shabroff via mbed-tls mbed-tls@lists.trustedfirmware.org wrote: > Good afternoon. > I am a microcontroller product designer. I ported MBED TLS to STM > 32L471 microcontroller. While I do not understand how can I use the > certificate. My customer gave me a certificate in the form of a > center2m.com.cer file. The file contains the 3 fields:
I don't know what your customer gave you.
There are three things that you might be given:
1) a trust anchor (certification authority) to use to validate a connection. 2) a pinned certificate for the server that you are expected to connect to. 3) a certificate that goes with a private key you already have in the device, which you will use as a client certificate for TLS client authentication.
How you would install these is different. (3) generally needs to be provisioned in the factory, at manufacturing time. That's a more complex situation, but for testing purposes you could get away with putting the certificate into C code.
While there are routines in mbedtls that can read/parse a PEM file, and you could include the certificates as a string, you'd save code space if you included the certificate in DER form. Your makefile should convert using, for instance: openssl x509 -in cert.pem -outform der -out cert.der xxd -i cert.der >> cert_data.c
-- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | IoT architect [ ] mcr@sandelman.ca http://www.sandelman.ca/ | ruby on rails [