nrf9160 https certificate

RE: nrf9160 https certificate

kamacode — Mon, 17 May 2021 14:43:27 GMT

working great, thank you for the assistance!

RE: nrf9160 https certificate

Håkon Alseth — Fri, 07 May 2021 08:51:18 GMT

Hi,

This is for http_update/application_update in ncs v1.5.x:

https://github.com/nrfconnect/sdk-nrf/tree/master/samples/nrf9160/http_update/application_update

To use HTTPS, you first have to change your configuration:

CONFIG_USE_HTTPS=y
CONFIG_DOWNLOAD_CLIENT_HTTP_FRAG_SIZE_1024=y
CONFIG_DOWNLOAD_HOST="esr.etrogsystems.com"
CONFIG_DOWNLOAD_FILE="static/mqtt_update/app_update.bin"

Then you need to fetch your certificate, which is SectigoRSAOrganizationValidationSecureServerCA.crt (Sectigo RSA Organization Validation Secure Server CA [ Intermediate ]):

https://sectigo.com/knowledge-base/detail/Sectigo-Intermediate-Certificates/kA01N000000rfBO

Then you need to put this into a C-format by adding "<stuff>\n" :

"-----BEGIN CERTIFICATE-----\n"
"MIIGGTCCBAGgAwIBAgIQE31TnKp8MamkM3AZaIR6jTANBgkqhkiG9w0BAQwFADCB\n"
"iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl\n"
"cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV\n"
"BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgx\n"
"MTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBlTELMAkGA1UEBhMCR0IxGzAZBgNV\n"
"BAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UE\n"
"ChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQDEzRTZWN0aWdvIFJTQSBPcmdhbml6\n"
"YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0B\n"
"AQEFAAOCAQ8AMIIBCgKCAQEAnJMCRkVKUkiS/FeN+S3qU76zLNXYqKXsW2kDwB0Q\n"
"9lkz3v4HSKjojHpnSvH1jcM3ZtAykffEnQRgxLVK4oOLp64m1F06XvjRFnG7ir1x\n"
"on3IzqJgJLBSoDpFUd54k2xiYPHkVpy3O/c8Vdjf1XoxfDV/ElFw4Sy+BKzL+k/h\n"
"fGVqwECn2XylY4QZ4ffK76q06Fha2ZnjJt+OErK43DOyNtoUHZZYQkBuCyKFHFEi\n"
"rsTIBkVtkuZntxkj5Ng2a4XQf8dS48+wdQHgibSov4o2TqPgbOuEQc6lL0giE5dQ\n"
"YkUeCaXMn2xXcEAG2yDoG9bzk4unMp63RBUJ16/9fAEc2wIDAQABo4IBbjCCAWow\n"
"HwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFBfZ1iUn\n"
"Z/kxwklD2TA2RIxsqU/rMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/\n"
"AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYG\n"
"BFUdIAAwCAYGZ4EMAQICMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNl\n"
"cnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNy\n"
"bDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRy\n"
"dXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZ\n"
"aHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAThNA\n"
"lsnD5m5bwOO69Bfhrgkfyb/LDCUW8nNTs3Yat6tIBtbNAHwgRUNFbBZaGxNh10m6\n"
"pAKkrOjOzi3JKnSj3N6uq9BoNviRrzwB93fVC8+Xq+uH5xWo+jBaYXEgscBDxLmP\n"
"bYox6xU2JPti1Qucj+lmveZhUZeTth2HvbC1bP6mESkGYTQxMD0gJ3NR0N6Fg9N3\n"
"OSBGltqnxloWJ4Wyz04PToxcvr44APhL+XJ71PJ616IphdAEutNCLFGIUi7RPSRn\n"
"R+xVzBv0yjTqJsHe3cQhifa6ezIejpZehEU4z4CqN2mLYBd0FUiRnG3wTqN3yhsc\n"
"SPr5z0noX0+FCuKPkBurcEya67emP7SsXaRfz+bYipaQ908mgWB2XQ8kd5GzKjGf\n"
"FlqyXYwcKapInI5v03hAcNt37N3j0VcFcC3mSZiIBYRiBXBWdoY5TtMibx3+bfEO\n"
"s2LEPMvAhblhHrrhFYBZlAyuBbuMf1a+HNJav5fyakywxnB2sJCNwQs2uRHY1ihc\n"
"6k/+JLcYCpsM0MF8XPtpvcyiTcaQvKZN8rG61ppnW5YCUtCC+cQKXA0o4D/I+pWV\n"
"idWkvklsQLI+qGu41SWyxP7x09fn1txDAXYw+zuLXfdKiXyaNb78yvBXAfCNP6CH\n"
"MntHWpdLgtJmwsQt6j8k9Kf5qLnjatkYYaA7jBU=\n"
"-----END CERTIFICATE-----\n"

And store this in this folder on your PC:

https://github.com/nrfconnect/sdk-nrf/tree/master/samples/nrf9160/http_update/common/cert

Then edit update.c file to point to the above CA root:

https://github.com/nrfconnect/sdk-nrf/blob/master/samples/nrf9160/http_update/common/src/update.c#L43

For instance:

	static const char cert[] = {
		//#include "../cert/BaltimoreCyberTrustRoot"
		#include "../cert/SectigoRSAOrganizationValidationSecureServerCA"
	};

Now it should be able to connect to your server and download the app_update.bin:

*** Booting Zephyr OS build v2.4.99-ncs2  ***
I: Starting bootloader
I: Primary image: magic=unset, swap_type=0x1, copy_done=0x3, image_ok=0x3
I: Secondary image: magic=unset, swap_type=0x1, copy_done=0x3, image_ok=0x3
I: Boot source: none
I: Swap type: none
I: Bootloader chainload address offset: 0x10000
*** Booting Zephyr OS build v2.4.99-ncs2  ***
Flash regions           Domain          Permissions
00 02 0x00000 0x18000   Secure          rwxl
03 31 0x18000 0x100000  Non-Secure      rwxl

Non-secure callable region 0 placed in flash region 2 with size 32.

SRAM region             Domain          Permissions
00 07 0x00000 0x10000   Secure          rwxl
08 31 0x10000 0x40000   Non-Secure      rwxl

Peripheral              Domain          Status
00 NRF_P0               Non-Secure      OK
01 NRF_CLOCK            Non-Secure      OK
02 NRF_RTC0             Non-Secure      OK
03 NRF_RTC1             Non-Secure      OK
04 NRF_NVMC             Non-Secure      OK
05 NRF_UARTE1           Non-Secure      OK
06 NRF_UARTE2           Secure          SKIP
07 NRF_TWIM2            Non-Secure      OK
08 NRF_SPIM3            Non-Secure      OK
09 NRF_TIMER0           Non-Secure      OK
10 NRF_TIMER1           Non-Secure      OK
11 NRF_TIMER2           Non-Secure      OK
12 NRF_SAADC            Non-Secure      OK
13 NRF_PWM0             Non-Secure      OK
14 NRF_PWM1             Non-Secure      OK
15 NRF_PWM2             Non-Secure      OK
16 NRF_PWM3             Non-Secure      OK
17 NRF_WDT              Non-Secure      OK
18 NRF_IPC              Non-Secure      OK
19 NRF_VMC              Non-Secure      OK
20 NRF_FPU              Non-Secure      OK
21 NRF_EGU1             Non-Secure      OK
22 NRF_EGU2             Non-Secure      OK
23 NRF_DPPIC            Non-Secure      OK
24 NRF_REGULATORS       Non-Secure      OK
25 NRF_GPIOTE1          Non-Secure      OK

SPM: NS image at 0x1c200
SPM: NS MSP at 0x2001fa80
SPM: NS reset vector at 0x1fdf9
SPM: prepare to jump to Non-Secure image.
*** Booting Zephyr OS build v2.4.99-ncs2  ***
HTTP application update sample started
Provisioning certificate
LTE Link Connecting ...
LTE Link Connected!
Press Button 1 to perform application firmware update
I: Setting up TLS credentials, tag 42
I: Configuring socket timeout (30 s)
I: Connecting to esr.etrogsystems.com
I: Downloading: static/mqtt_update/app_update.bin [0]
I: Downloaded 1024/205267 bytes (0%)
I: Downloaded 2048/205267 bytes (0%)
I: Downloaded 3072/205267 bytes (1%)
I: Downloaded 4096/205267 bytes (1%)
I: Downloaded 5120/205267 bytes (2%)
I: Downloaded 6144/205267 bytes (2%)
I: Downloaded 7168/205267 bytes (3%)
I: Downloaded 8192/205267 bytes (3%)
I: Downloaded 9216/205267 bytes (4%)
I: Downloaded 10240/205267 bytes (4%)
I: Downloaded 11264/205267 bytes (5%)
I: Downloaded 12288/205267 bytes (5%)
I: Downloaded 13312/205267 bytes (6%)
I: Downloaded 14336/205267 bytes (6%)
I: Downloaded 15360/205267 bytes (7%)
I: Downloaded 16384/205267 bytes (7%)
I: Downloaded 17408/205267 bytes (8%)
I: Downloaded 18432/205267 bytes (8%)
I: Downloaded 19456/205267 bytes (9%)
I: Downloaded 20480/205267 bytes (9%)
I: Downloaded 21504/205267 bytes (10%)
I: Downloaded 22528/205267 bytes (10%)
I: Downloaded 23552/205267 bytes (11%)
I: Downloaded 24576/205267 bytes (11%)
I: Downloaded 25600/205267 bytes (12%)
I: Downloaded 26624/205267 bytes (12%)
I: Downloaded 27648/205267 bytes (13%)
I: Downloaded 28672/205267 bytes (13%)
I: Downloaded 29696/205267 bytes (14%)
I: Downloaded 30720/205267 bytes (14%)
I: Downloaded 31744/205267 bytes (15%)
I: Downloaded 32768/205267 bytes (15%)
I: Downloaded 33792/205267 bytes (16%)
I: Downloaded 34816/205267 bytes (16%)
I: Downloaded 35840/205267 bytes (17%)
I: Downloaded 36864/205267 bytes (17%)
I: Downloaded 37888/205267 bytes (18%)
I: Downloaded 38912/205267 bytes (18%)
I: Downloaded 39936/205267 bytes (19%)
I: Downloaded 40960/205267 bytes (19%)
I: Downloaded 41984/205267 bytes (20%)
I: Downloaded 43008/205267 bytes (20%)
I: Downloaded 44032/205267 bytes (21%)
I: Downloaded 45056/205267 bytes (21%)
I: Downloaded 46080/205267 bytes (22%)
I: Downloaded 47104/205267 bytes (22%)
I: Downloaded 48128/205267 bytes (23%)
I: Downloaded 49152/205267 bytes (23%)
I: Downloaded 50176/205267 bytes (24%)
I: Downloaded 51200/205267 bytes (24%)
I: Downloaded 52224/205267 bytes (25%)
I: Downloaded 53248/205267 bytes (25%)
I: Downloaded 54272/205267 bytes (26%)
I: Downloaded 55296/205267 bytes (26%)
I: Downloaded 56320/205267 bytes (27%)
I: Downloaded 57344/205267 bytes (27%)
I: Downloaded 58368/205267 bytes (28%)
I: Downloaded 59392/205267 bytes (28%)
I: Downloaded 60416/205267 bytes (29%)
I: Downloaded 61440/205267 bytes (29%)
I: Downloaded 62464/205267 bytes (30%)
I: Downloaded 63488/205267 bytes (30%)
I: Downloaded 64512/205267 bytes (31%)
I: Downloaded 65536/205267 bytes (31%)
I: Downloaded 66560/205267 bytes (32%)
I: Downloaded 67584/205267 bytes (32%)
I: Downloaded 68608/205267 bytes (33%)
I: Downloaded 69632/205267 bytes (33%)
I: Downloaded 70656/205267 bytes (34%)
I: Downloaded 71680/205267 bytes (34%)
I: Downloaded 72704/205267 bytes (35%)
I: Downloaded 73728/205267 bytes (35%)
I: Downloaded 74752/205267 bytes (36%)
I: Downloaded 75776/205267 bytes (36%)
I: Downloaded 76800/205267 bytes (37%)
I: Downloaded 77824/205267 bytes (37%)
I: Downloaded 78848/205267 bytes (38%)
I: Downloaded 79872/205267 bytes (38%)
I: Downloaded 80896/205267 bytes (39%)
I: Downloaded 81920/205267 bytes (39%)
I: Downloaded 82944/205267 bytes (40%)
I: Downloaded 83968/205267 bytes (40%)
I: Downloaded 84992/205267 bytes (41%)
I: Downloaded 86016/205267 bytes (41%)
I: Downloaded 87040/205267 bytes (42%)
I: Downloaded 88064/205267 bytes (42%)
I: Downloaded 89088/205267 bytes (43%)
I: Downloaded 90112/205267 bytes (43%)
I: Downloaded 91136/205267 bytes (44%)
I: Downloaded 92160/205267 bytes (44%)
I: Downloaded 93184/205267 bytes (45%)
I: Downloaded 94208/205267 bytes (45%)
I: Downloaded 95232/205267 bytes (46%)
I: Downloaded 96256/205267 bytes (46%)
I: Downloaded 97280/205267 bytes (47%)
I: Downloaded 98304/205267 bytes (47%)
I: Downloaded 99328/205267 bytes (48%)
I: Downloaded 100352/205267 bytes (48%)
I: Downloaded 101376/205267 bytes (49%)
W: Peer closed connection, will re-connect
I: Downloaded 102400/205267 bytes (49%)
I: Reconnecting..
I: Setting up TLS credentials, tag 42
I: Configuring socket timeout (30 s)
I: Connecting to esr.etrogsystems.com
I: Downloaded 103424/205267 bytes (50%)
I: Downloaded 104448/205267 bytes (50%)
I: Downloaded 105472/205267 bytes (51%)
I: Downloaded 106496/205267 bytes (51%)
I: Downloaded 107520/205267 bytes (52%)
I: Downloaded 108544/205267 bytes (52%)
I: Downloaded 109568/205267 bytes (53%)
I: Downloaded 110592/205267 bytes (53%)
I: Downloaded 111616/205267 bytes (54%)
I: Downloaded 112640/205267 bytes (54%)
I: Downloaded 113664/205267 bytes (55%)
I: Downloaded 114688/205267 bytes (55%)
I: Downloaded 115712/205267 bytes (56%)
I: Downloaded 116736/205267 bytes (56%)
I: Downloaded 117760/205267 bytes (57%)
I: Downloaded 118784/205267 bytes (57%)
I: Downloaded 119808/205267 bytes (58%)
I: Downloaded 120832/205267 bytes (58%)
I: Downloaded 121856/205267 bytes (59%)
I: Downloaded 122880/205267 bytes (59%)
I: Downloaded 123904/205267 bytes (60%)
I: Downloaded 124928/205267 bytes (60%)
I: Downloaded 125952/205267 bytes (61%)
I: Downloaded 126976/205267 bytes (61%)
I: Downloaded 128000/205267 bytes (62%)
I: Downloaded 129024/205267 bytes (62%)
I: Downloaded 130048/205267 bytes (63%)
I: Downloaded 131072/205267 bytes (63%)
I: Downloaded 132096/205267 bytes (64%)
I: Downloaded 133120/205267 bytes (64%)
I: Downloaded 134144/205267 bytes (65%)
I: Downloaded 135168/205267 bytes (65%)
I: Downloaded 136192/205267 bytes (66%)
I: Downloaded 137216/205267 bytes (66%)
I: Downloaded 138240/205267 bytes (67%)
I: Downloaded 139264/205267 bytes (67%)
I: Downloaded 140288/205267 bytes (68%)
I: Downloaded 141312/205267 bytes (68%)
I: Downloaded 142336/205267 bytes (69%)
I: Downloaded 143360/205267 bytes (69%)
I: Downloaded 144384/205267 bytes (70%)
I: Downloaded 145408/205267 bytes (70%)
I: Downloaded 146432/205267 bytes (71%)
I: Downloaded 147456/205267 bytes (71%)
I: Downloaded 148480/205267 bytes (72%)
I: Downloaded 149504/205267 bytes (72%)
I: Downloaded 150528/205267 bytes (73%)
I: Downloaded 151552/205267 bytes (73%)
I: Downloaded 152576/205267 bytes (74%)
I: Downloaded 153600/205267 bytes (74%)
I: Downloaded 154624/205267 bytes (75%)
I: Downloaded 155648/205267 bytes (75%)
I: Downloaded 156672/205267 bytes (76%)
I: Downloaded 157696/205267 bytes (76%)
I: Downloaded 158720/205267 bytes (77%)
I: Downloaded 159744/205267 bytes (77%)
I: Downloaded 160768/205267 bytes (78%)
I: Downloaded 161792/205267 bytes (78%)
I: Downloaded 162816/205267 bytes (79%)
I: Downloaded 163840/205267 bytes (79%)
I: Downloaded 164864/205267 bytes (80%)
I: Downloaded 165888/205267 bytes (80%)
I: Downloaded 166912/205267 bytes (81%)
I: Downloaded 167936/205267 bytes (81%)
I: Downloaded 168960/205267 bytes (82%)
I: Downloaded 169984/205267 bytes (82%)
I: Downloaded 171008/205267 bytes (83%)
I: Downloaded 172032/205267 bytes (83%)
I: Downloaded 173056/205267 bytes (84%)
I: Downloaded 174080/205267 bytes (84%)
I: Downloaded 175104/205267 bytes (85%)
I: Downloaded 176128/205267 bytes (85%)
I: Downloaded 177152/205267 bytes (86%)
I: Downloaded 178176/205267 bytes (86%)
I: Downloaded 179200/205267 bytes (87%)
I: Downloaded 180224/205267 bytes (87%)
I: Downloaded 181248/205267 bytes (88%)
I: Downloaded 182272/205267 bytes (88%)
I: Downloaded 183296/205267 bytes (89%)
I: Downloaded 184320/205267 bytes (89%)
I: Downloaded 185344/205267 bytes (90%)
I: Downloaded 186368/205267 bytes (90%)
I: Downloaded 187392/205267 bytes (91%)
I: Downloaded 188416/205267 bytes (91%)
I: Downloaded 189440/205267 bytes (92%)
I: Downloaded 190464/205267 bytes (92%)
I: Downloaded 191488/205267 bytes (93%)
I: Downloaded 192512/205267 bytes (93%)
I: Downloaded 193536/205267 bytes (94%)
I: Downloaded 194560/205267 bytes (94%)
I: Downloaded 195584/205267 bytes (95%)
I: Downloaded 196608/205267 bytes (95%)
I: Downloaded 197632/205267 bytes (96%)
I: Downloaded 198656/205267 bytes (96%)
I: Downloaded 199680/205267 bytes (97%)
I: Downloaded 200704/205267 bytes (97%)
I: Downloaded 201728/205267 bytes (98%)
I: Downloaded 202752/205267 bytes (98%)
I: Downloaded 203776/205267 bytes (99%)
W: Peer closed connection, will re-connect
I: Downloaded 204800/205267 bytes (99%)
I: Reconnecting..
I: Setting up TLS credentials, tag 42
I: Configuring socket timeout (30 s)
I: Connecting to esr.etrogsystems.com
I: Downloaded 205267/205267 bytes (100%)
I: Download complete
I: MCUBoot image upgrade scheduled. Reset device to apply

Kind regards,

Håkon

RE: nrf9160 https certificate

kamacode — Mon, 03 May 2021 11:45:56 GMT

Hello

1. using the AT commands I can see the certificate deployed OK.

2. with AWS this is very surprising behaviur, even if I change the certificate , the FOTA still works OK.

3. with my server it doesn't work.

also from the code messages are very clear:

certificate deployeed OK : "Provisioning certificate"

TLS varification failes: "download_client: No security tag provided for TLS/DTLS."

please advice

RE: nrf9160 https certificate

Øyvind — Tue, 27 Apr 2021 07:35:52 GMT

Thank you for clarifying what sample you were using.

I suggest making this ticket private in order for you to share your certificate. Also, please share full output from application.

In the following function, you see that SEC_TAG is used:

static void update_start(void)
{
	int err;
	char *apn = NULL;

	err = fota_download_start(CONFIG_DOWNLOAD_HOST, CONFIG_DOWNLOAD_FILE,
				  SEC_TAG, apn, 0);
	if (err != 0) {
		update_sample_done();
		printk("fota_download_start() failed, err %d\n", err);
	}
}

This is defines as follows in update.h:

#define TLS_SEC_TAG 42

#ifndef CONFIG_USE_HTTPS
#define SEC_TAG (-1)
#else
#define SEC_TAG (TLS_SEC_TAG)
#endif

Have you verified that your certificates have been provisioned correctly to the modem? Please see modem key management documentation.

Kind regards,
Øyvind

RE: nrf9160 https certificate

kamacode — Mon, 26 Apr 2021 14:00:52 GMT

I did the following steps:

1. used example "http_application_update"

2. tested with AWS bucket, worked well

3. did the following to get my server cert:

openssl s_client -connect esr.etrogsystems.com:443

took the certificate data:

"-----BEGIN CERTIFICATE-----\n"

.......

"-----ENDCERTIFICATE-----\n"

replaced the contant of the file

modified the folling prj parameters:

CONFIG_DOWNLOAD_HOST="esr.etrogsystems.com"
CONFIG_DOWNLOAD_FILE="static/mqtt_update/app_update.bin"

in the project configuration I do not have "CLOUD_CERT_SEC_TAG"

RE: nrf9160 https certificate

Øyvind — Mon, 26 Apr 2021 12:50:30 GMT

What sample did you use, HTTPS Client or AWS FOTA? Can you please provide full output from your device?

Under AWS Fota documentation you will find the CLOUD_CERT_SEC_TAG where the certificate is stored. You need to configure this in your prj.conf along with CONFIG_PROVISION_CERTIFICATES

The KConfig states:

config PROVISION_CERTIFICATES
	depends on !USE_NRF_CLOUD
	bool "Provision certificates from the certificates.h file"
	select MODEM_KEY_MGMT
	default n
	help
	  If enabled, the sample provisions server certificates into
	  the modem by storing the certificates defined in the
	  certificates.h file in the modem under the given security tag.
	  Use this option only once to provision the device.
	  The certificates are stored in the application binary and are
	  therefore shown in the modem trace information. This is a
	  security risk. After provisioning the certificates, turn off
	  this option and compile and program the sample again.
	  Also, do not share the binary that includes the compiled
	  certificates with anyone.

config CLOUD_CERT_SEC_TAG
	depends on !USE_NRF_CLOUD
	int "Security tag for TLS credentials"
	default 12345678

CONFIG_PROVISION_CERTIFICATES=y
CONFIG_CLOUD_CERT_SEC_TAG=nn

RE: nrf9160 https certificate

kamacode — Mon, 26 Apr 2021 11:07:13 GMT

I copied the cert file under "cert" directory, and of course set the certificate new correct file name in the code. that is all I did

RE: nrf9160 https certificate

Øyvind — Mon, 26 Apr 2021 11:04:17 GMT

How did you provision the certificate on the device? What security tag did you add it to?

RE: nrf9160 https certificate

kamacode — Mon, 26 Apr 2021 10:41:54 GMT

1. this is the error I get :

[00:01:36.791,229] <wrn> download_client: No security tag provided for TLS/DTLS.

2. I replaced the certificate of course

RE: nrf9160 https certificate

Øyvind — Mon, 26 Apr 2021 09:41:07 GMT

Hello,

Can you please provide the errors you are receiving? Have you added the certificates to your device?

Kind regards,
Øyvind