This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

nRF91 questions about credentials

Hi,

I have two nRF9160DKs and I noticed that the SHA-256 digest of the credentials looks very strange

Questions:

1, Why are the digest so repeating? I have installed the JSON credentials got from nRF Cloud without error.

The software is firmware/images_full/nrf9160dk_at_client_2020-04-29_bc7ade8b.hex and mfwnrf916012.zip.

2, During my tests I deleted the first credential with sec_tag 0 from device with image 1.
The device seen on image 2 has that credential. How can I set back that credential?

3, On image 2: what is that credential with sec_tag 0 anyway?
It has type 6 but according to nrf91_at_commandsv1.2.pdf "4.28 Credential storage management %CMNG"
there are types only 0-5.

With kind regards,

Árpád

With kind regards,

Árpád

Top Replies

Kenneth over 4 years ago in reply to PopradiArpad +1 verified

Looks like the " the unspecified 6-er " is not used for anything at the moment, but it may used in future, so I suggest to leave it untouched. Best regards, Kenneth

Parents

0 Martin Lesund over 4 years ago

Hi Árpád,

Please make sure that you are running the latest MFW: https://www.nordicsemi.com/Products/Low-power-cellular-IoT/nRF9160/Download#infotabs

e.g.

This can be read out by AT+CGMR

(mfw 1.2.1 is not yet public)

These certificates are stored in the modem flash, so changing the application .hex does not change the certificates.

Please read the examples down in the doc: https://infocenter.nordicsemi.com/index.jsp?topic=%2Fref_at_commands%2FREF%2Fat_commands%2Fmob_termination_ctrl_status%2Fcmng_set.html&cp=2_1_3_27_0

on how you can read out the specific certificates.

When you list the certificates it will look different compared to when you actually read them out.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 PopradiArpad over 4 years ago in reply to Martin Lesund
Hi Martin,

I use

AT+CGMR

mfw_nrf9160_1.2.0

the latest firmware.

Do you have answers for the questions?

Regards,

Árpád
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Martin Lesund over 4 years ago in reply to PopradiArpad
1.

Response syntax for read operation:

%CMNG: <sec_tag>,<type>[,<sha>[,<content>]]

It is the SHA that has this "repeating" data.

2.

Once you delete a credential it is gone.

To write the credential again you could use the command:

The following command example writes the client certificate:

AT%CMNG=0,567890,1," -----BEGIN CERTIFICATE----- MIIBc464... ...bW9aAa4 -----END CERTIFICATE-----” OK

Or you can use the "Certificate Manager" in LTE Link Monitor, just by dragging and dropping the .json file e.g. gathered from nRF Cloud. (example)

3.
I will check internally why an un-specified type can be shown.

I managed to write to that unspecified type as well:

For now please only use the specified Types
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 Martin Lesund over 4 years ago in reply to PopradiArpad
1.

Response syntax for read operation:

%CMNG: <sec_tag>,<type>[,<sha>[,<content>]]

It is the SHA that has this "repeating" data.

2.

Once you delete a credential it is gone.

To write the credential again you could use the command:

The following command example writes the client certificate:

AT%CMNG=0,567890,1," -----BEGIN CERTIFICATE----- MIIBc464... ...bW9aAa4 -----END CERTIFICATE-----” OK

Or you can use the "Certificate Manager" in LTE Link Monitor, just by dragging and dropping the .json file e.g. gathered from nRF Cloud. (example)

3.
I will check internally why an un-specified type can be shown.

I managed to write to that unspecified type as well:

For now please only use the specified Types
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data