Is it possible to read TLS certificate expiry date within application

Hello,

Just want to check that is there any mechanism available to check or monitor the expiry date of TLS certificate used in the project? Is there any API available so that application can keep watch on it ?

Thank you!

Regards,

Chetan

Top Replies

Håkon Alseth over 2 years ago +1 verified

Hi, Unfortunately, there's no API or way to read out the expiration of a certificate. You must manually keep track of which certificates that you provide to the nRF and when they expire. Kind…

Parents

+1 Håkon Alseth over 2 years ago

Hi,

Unfortunately, there's no API or way to read out the expiration of a certificate.

You must manually keep track of which certificates that you provide to the nRF and when they expire.

Kind regards,

Håkon
Cancel
Vote Up +1 Vote Down

Sign in to reply

Reject Answer

Cancel

Reply

+1 Håkon Alseth over 2 years ago

Hi,

Unfortunately, there's no API or way to read out the expiration of a certificate.

You must manually keep track of which certificates that you provide to the nRF and when they expire.

Kind regards,

Håkon
Cancel
Vote Up +1 Vote Down

Sign in to reply

Reject Answer

Cancel

Children

0 Chetan Kale over 2 years ago in reply to Håkon Alseth

Hi,

Thank you for the clarification.

Regards,

Chetan
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 kkksss over 2 years ago in reply to Håkon Alseth

Hi,

Trying to verify by reading back the certificates and comparing with a CRC.

I'm able to read the CA_CHAIN, but cannot read the Public_Cert and the Private_Cert.

Is that for obvious security reasons that you wouldn't be able to read those certs?

In that case is there a way for getting a length or a checksum of those fields?

I have used the modem_key_mgmt_cmp and that works for all the above three certificates.

That is probably sufficient to confirm that the fields have been written successfully.

Thank you
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel