HTTPS Connection using Serial LTE Modem application

Hello,

I apologize if this is a simple question. I am working with the nRF9161-DK and am using the Serial LTE Modem application. The ultimate goal is to send data via POST HTTPS to a cloud API.

I am able to establish connections with #XHTTPCCON and send requests with #XHTTPCREQ to sites on port 80, but I need to set up TLS to communicate with the cloud API. I understand I would need a certificate in the %CMNG certificate manager and to use the sec_tag parameter in the #XHTTPCCON command, but I am unsure which certificate I need, or how I would go about getting/generating that certificate.

This is my %CMNG=1 command:

> AT%CMNG=1

%CMNG: 16842753,0,"2C43952EE9E000FF2ACC4E2ED0897C0A72AD5FA72C3D934E81741CBD54F05BD1"
%CMNG: 16842753,1,"6A31C24E5D74552DEC38BCE12F035B2C945E11E0A485ADBD378E60B5E8D40509"
%CMNG: 16842753,2,"44994E0C18A1FBF983774BE5F7F7F877E5D251A66B2E3F68E47FDF5C173624C3"
%CMNG: 4294967292,11,"672E2F05962B4EFBFA8801255D87E0E0418F2DDF4DDAEFC59E9B4162F512CB63"
%CMNG: 4294967293,10,"2C43952EE9E000FF2ACC4E2ED0897C0A72AD5FA72C3D934E81741CBD54F05BD1"
%CMNG: 4294967294,6,"8BB32C76C95350D9711BFF02921AE4362376E1892D8EC1A9F6A0516AC5BCA97E"

These certs came with the DK. What are these certificates? Can I use them for TLS for my goal? When I attempt to use any of these certificates in  #XHTTPCCON to connect to google.ca on port 443, I get an error.

Any guidance on how to use HTTPS with the serial LTE modem application would be greatly appreciated.

  • Hello,

    These certs came with the DK. What are these certificates? Can I use them for TLS for my goal? When I attempt to use any of these certificates in  #XHTTPCCON to connect to google.ca on port 443, I get an error.

    These certificates are for connecting to nrf cloud. You will need different certificates for other servers. With google.ca you don't need any private certificates, just the CA cert which I believe should be Google Trust Services verified certificate. I think it should be possible to use the same CA cert as your browser uses when connecting to google.ca.

    If you are going to connect to a private AWS broker or similar, you will probably need to have more then one cert to connect, including CA cert, private cert etc.

Related