• State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 75 subscribers
  • Views 933 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 287043
Options
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

nrf9160 DTLS Certificates with Native Sockets

Anthony Corriveau

I am trying to implement a simple UDP client on the nrf9160 using DTLS Certificate authentication.

I understand that the modem only supports PSK. However, I am trying to implement this with using Native Sockets using the SOCK_NATIVE_TLS flag.

data->udp.sock = socket(addr->sa_family, SOCK_DGRAMSOCK_NATIVE_TLS , IPPROTO_DTLS_1_2 );

I can get the the echo_client DTLS to work with a native_posix board to a dtls_server test application.
But with the nrf9160, something gets lost in the handshaking.
Should DTLS with certificates work using native sockets?
I have tried a nrf9160 DK board as well as a Thingy91. 
I have tried nRF Connect SDK versions 1.7, 1.9.1, and 1.9.9
Parents
  • 0

    Hello, 

    Did you try with our samples that support DTLS, e.g. nRF9160: HTTPS client sample (nrf\samples\nrf9160\https_client\)

    What modem version are you running on your board? Have you verified that you are not seeing the TLS/DTLS limitation, from the mfw_1.3.1 release notes:

    - TLS/DTLS
    - Up to three simultaneous TLS/DTLS connections are possible.
    - Maximum server certificate chain size has a limit of 4kB.
    - Server certificate expiry time is not verified.
    - pkcs#8 is not supported.
    - Absolute maximum number of supported credentials is 32. The actual amount depends on size of
      credentials as memory area reserved for credentials may be a limiting factor as well.
    - DTLS supports PSK authentication only.
    - 2kB secure socket buffer size.

    We will need a modem trace in order to see what is failing.

    Kind regards,
    Øyvind

Reply Children
No Data
Related
Terms of service