TCP Socket with TLS

Hello,

Does someone have a working example of opening a TCP socket with TLS? Or what is the best base to start from?

I am struggling with the certs and key... Is there a good description somewhere of how I have to provide the certificates and keys? I have seen examples where each line of the certificate is quoted with " \n". I have also seen some ".DER" files which have to be converted to ".inc" files... What is the correct way?

Thanks and best regards...

  • Hi Martin,

    Thank you for contacting DevZone at NordicSemi.

    You may have a look at the NCS HTTPS CLIENT sample for 9160, which shows how to set up a TLS session.

    For the certificates, please see certificates in modem key management (under modem library).

  • Hi Martin, 

    I was able to run TCP + TLS on my nrf7002 DK. 

    Let me try to answer a few of your questions.

    1. You can refer to some of the existing samples from the Zephyr/Nordic documentation.

    2. I used a .der certificate with the following format.

    "-----BEGIN CERTIFICATE-----\n"

    3. In order to make TLS work, ensure the versions of the Zephyr SDK (in my case it is ZEPHYR_SDK_VERSION 0.15.2). nrf-connect-sdk version: nrf-connect-sdk-v2.2.99-dev3.

    4. The below-mentioned HTTPS CLIENT sample is the best example for TCP+TLS.

    5. Always take a little care with configurations.

    Let me know if you struggle again with TLS. 

    Regards

    Vipin Das
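
On the question of "\n"-quoted lines versus .der/.inc files, an added example (not from the thread or from Nordic's samples): a host-side Python script that converts a PEM certificate into either embedded form. The names `ca_cert` and `ca.inc` and the sample bytes are assumptions made for illustration.

```python
"""PEM certificate -> the two embedded forms discussed in the thread."""
import base64
import re

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----\s*(.+?)\s*-----END CERTIFICATE-----", re.S)


def pem_to_der(pem_text):
    """Return the DER bytes of the first certificate block in pem_text."""
    m = PEM_RE.search(pem_text)
    if m is None:
        # Also catches a block that was pasted without its END line.
        raise ValueError("no complete BEGIN/END CERTIFICATE block found")
    # validate=True rejects stray characters instead of silently skipping them
    return base64.b64decode("".join(m.group(1).split()), validate=True)


def pem_to_c_string(pem_text):
    """One quoted C string literal per PEM line, each ending in \\n."""
    der = pem_to_der(pem_text)  # fail early on a damaged file
    body = base64.b64encode(der).decode()
    lines = ["-----BEGIN CERTIFICATE-----"]
    lines += [body[i:i + 64] for i in range(0, len(body), 64)]
    lines.append("-----END CERTIFICATE-----")
    return "\n".join('"%s\\n"' % line for line in lines)


def der_to_inc(der, per_line=8):
    """Comma-separated hex bytes, to be #included inside an array initializer."""
    rows = [der[i:i + per_line] for i in range(0, len(der), per_line)]
    return "\n".join("".join("0x%02x, " % b for b in row).rstrip() for row in rows)


# Constructed placeholder bytes, NOT a real certificate: they only exercise
# the conversion. Real input would be the CA certificate file for the server.
SAMPLE_DER = bytes(range(60))
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.encodebytes(SAMPLE_DER).decode()
              + "-----END CERTIFICATE-----\n")

if __name__ == "__main__":
    # ca_cert and ca.inc are hypothetical names.
    print("/* PEM form: static const char ca_cert[] = */")
    print(pem_to_c_string(SAMPLE_PEM) + ";")
    print("/* DER form: static const unsigned char ca_cert[] = {")
    print(" * #include \"ca.inc\"  (contents below) }; */")
    print(der_to_inc(pem_to_der(SAMPLE_PEM)))
```

Both outputs carry the same certificate: the PEM string is the base64 text of the DER bytes wrapped in the BEGIN/END lines, and the .inc file is those DER bytes written as a C byte list.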

  • Hi Vipin,

    Do you have any tutorial or sample for creating a TCP proxy and connecting to a remote server using a server certificate created by a CA root certificate?

    It would be really helpful.
