• State Verified Answer
  • Replies 11 replies
  • Subscribers 75 subscribers
  • Views 1782 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 297420
Options

Modem Certificate Management from zephyr Shell(CLI)

Waqar Ahmed

Hi,
I want to update the AWS certificate for Device from CLI at time of Production.
They files including Amazon root Certificate ,Client Cert and Private key are in PEM format. I am using at Wrapper for using AT commands in Zephyr Shell. I am unable to paste the whole certificate in shell due to multiline format of file.
so I removed carriage return and new line character from certs files and make it only single line text in file.
now if I  want use the files as a cert files its not working ,I am not able provision the device.
I am using following AT commands from Zephyr shell at AT%CMNG.

Is there any way that I  give path of text file in this command.
or any other alternative for Device Provisioning other then LTE link monitor terminal.

Thanks 

Parents Reply Children
  • 0 in reply to Waqar Ahmed

    Hi,

     

    Waqar Ahmed said:
    Even  i tried from LTE link command terminal AT%CMNG=0,sec_tag,0,"certficate text" for CA cert,and then in sequence for other
    I am getting the error at the time of connectivity aws connect error -95.

    Just to verify the behavior here. The certificates are written OK, ie. AT%CMNG=... for CA/client/private keys are written successfully, but you cannot connect successfully?

     

    Are you able to connect successfully if use the "at_client" to issue the certificates, and then flash your application?

     

    Kind regards,

    Håkon

  • +1 in reply to Håkon Alseth

    Just to verify the behavior here. The certificates are written OK, ie. AT%CMNG=... for CA/client/private keys are written successfully, but you cannot connect successfully?

    Yes, The response is OK. after each command.

    The Following format I am following with each command.
    AT%CMNG=0,sec_tag,0,"text" CA 

    AT%CMNG=0,sec_tag,1,"text" client Cert

    AT%CMNG=0,sec_tag,2,"text" private key

     I am using AT command terminal on LTE Link monitor.
    Using following C# code i am removing carriage return and new line for file

          text.Replace("\n", "  ").Replace("\r", "  ");

    Are you able to connect successfully if use the "at_client" to issue the certificates, and then flash your application?

       I am going to try through AT client application as well.

    Thanks

  • +1 in reply to Waqar Ahmed

    Hi,

     

    Waqar Ahmed said:

    Using following C# code i am removing carriage return and new line for file

          text.Replace("\n", "  ").Replace("\r", "  ");

    the newline should still be there if you issue using either the C API's for issuing, or use the AT command.

    Example when using the API's to issue a cert, it looks like this:

    https://github.com/nrfconnect/sdk-nrf/blob/v2.1.1/samples/nrf9160/https_client/cert/DigiCertGlobalRootCA.pem#L7-L28

    Here's a picture of how it looks when I issue the AWS Root CA from at_client:

    You can see the \r\n is present on each line.

     

    Kind regards,

    Håkon

Related
Terms of service