TCP Socket with TLS

Hello, 

Does someone have a working example running that opens a TCP socket including TLS? Or what is the best base to start from?

I am struggling with the certs and key... Is there a good description somewhere of how I have to provide the certificates and keys? I have seen examples where each line of the certificate is quoted with " \n". I have also seen some ".DER" files which have to be converted to ".inc" files... What is the correct way?

Thanks and best regards...

  • Hi Martin, 

    I was able to run TCP + TLS on my nrf7002 DK. 

    Let me try to answer your few questions. 

    1. You can refer to some of the existing samples from the Zephyr/Nordic documentation.

    2. I used a .der certificate with the following format.

    "-----BEGIN CERTIFICATE-----\n"

    3. In order to make TLS work, ensure the versions of the Zephyr SDK (in my case it is ZEPHYR_SDK_VERSION 0.15.2). nrf-connect-sdk version: nrf-connect-sdk-v2.2.99-dev3.

    4. The HTTPS CLIENT sample mentioned below is the best example for TCP+TLS.

    5. Always take a little care with the configurations.

    Let me know if you struggle again with TLS. 

    Regards

    Vipin Das
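
The two formats asked about in this thread carry the same certificate: the lines quoted with "\n" are the PEM text as a C string, and a .der file converted to .inc is the raw bytes as a hex list. The following is an added example, not code from the thread or from the Nordic/Zephyr samples: a host-side Python helper that produces both forms. The function names are hypothetical and the sample PEM is built from dummy bytes, not a real certificate.

```python
import base64
import re

# Constructed stand-in for a PEM file: the body is base64 of made-up bytes,
# NOT a real certificate. In practice, read your CA certificate file instead.
SAMPLE_PEM = (
    "-----BEGIN CERTIFICATE-----\n"
    + base64.encodebytes(bytes(range(60))).decode()
    + "-----END CERTIFICATE-----\n"
)

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----\s*(.+?)\s*-----END CERTIFICATE-----", re.S)


def pem_to_der(pem: str) -> bytes:
    """Strip the PEM armor and base64-decode the body to raw DER bytes."""
    m = PEM_RE.search(pem)
    if m is None:
        raise ValueError("no PEM certificate block found")
    return base64.b64decode("".join(m.group(1).split()), validate=True)


def pem_to_c_string(pem: str) -> str:
    """Emit the PEM text as adjacent C string literals, one per line.
    The C compiler adds the NUL terminator that a PEM parser expects."""
    lines = [ln.strip() for ln in pem.strip().splitlines() if ln.strip()]
    if (lines[0], lines[-1]) != ("-----BEGIN CERTIFICATE-----",
                                 "-----END CERTIFICATE-----"):
        raise ValueError("missing BEGIN/END CERTIFICATE line")
    return "\n".join(f'"{ln}\\n"' for ln in lines) + "\n"


def der_to_inc(der: bytes, per_line: int = 8) -> str:
    """Emit DER bytes as a comma-separated hex list, the shape of a .inc
    file that is #include'd inside a C array initializer."""
    rows = [der[i:i + per_line] for i in range(0, len(der), per_line)]
    return "".join(", ".join(f"0x{b:02x}" for b in row) + ",\n" for row in rows)


if __name__ == "__main__":
    print(pem_to_c_string(SAMPLE_PEM))
    print(der_to_inc(pem_to_der(SAMPLE_PEM)))
```

Whichever form is compiled in, the length passed to the TLS stack has to match it: the PEM string is text that includes its terminator, while the DER array is exactly the byte count of the file.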

  • Hi Vipin,

    Do you have any tutorial or sample to create a TCP proxy and connect with a remote server using a server certificate created by a CA root certificate?

    It will be really helpful.
