Hi All,

There are machines out there for testing servers but I don't know of one which can be used for testing a client.

This is a tricky area. For example I have a board running, LWIP and MbedTLS, uploading little test files to two sites.

One was running EC and AES256. It worked fine.

The other was running RSA and AES256 but didn't work, and after some work it was found that its certificate chain was running SHA-1 on the top level certificate, dated 2006. This is actually a major name on the internet! And we didn't have SHA-1 enabled because it is supposed to be deprecated.

I wonder if there is some practical way to test out all this. We can probably enable all the MbedTLS crypto options (TLS is taking up 150k out of 350k of code for the whole product, but we can probably throw in some more) but testing them is something else.

There is a test suite in TLS but it needs to be embedded in the product itself. Has someone implemented that code on a server somewhere?

Thank you in advance for any pointers.

Peter