• AVR Freaks

Hot!Net_Pres with wolfSSL. How to load a certificate.

Author
jCoder
Starting Member
  • Total Posts : 31
  • Reward points : 0
  • Joined: 2015/04/29 10:57:23
  • Location: 0
  • Status: offline
2021/02/26 17:52:26 (permalink)
0

Net_Pres with wolfSSL. How to load a certificate.

PIC32MZ2046EFM100
Harmony v3 (just updated to all of the latest packages)
MPLAB X v5.40
XC32 v2.3
 
I am trying to connect to a website and authenticate the server using an x.509 certificate using TLS 1.3 security.  Eventually I will be connecting to my own server and just passing sensor data, but this is a good starting point. 
 
I am using the wolfssl_tcp_client demo app to get a feel for how the security should work before adding anything to my own project.  This demo app uses the net_pres library as well as the third party wolfSSL library.   I see that net_pres has a couple functions available for reading certificates from a certificate store:
NET_PRES_CertStoreGetCACerts()
NET_PRES_CertStoreGetServerCert()
But I don't see how certificates are loaded in the store.
 
The wolfSSL (v4.5.0) readme specifies that wolfSSL by default will not connect to a server without authenticating using CA cert, so I can't even connect to a secure website without a CA cert.  I'm not sure how to disable this requirement for testing purposes either.  
 
So the question is how/where do I load the certificates? Is the net_pres certificate store even where they should go?  Or do I directly load the cert into the wolfSSL library? 
 
Any suggestions would be appreciated.
Thanks!
 
#1

3 Replies Related Threads

    NKurzman
    A Guy on the Net
    • Total Posts : 19186
    • Reward points : 0
    • Joined: 2008/01/16 19:33:48
    • Location: 0
    • Status: online
    Re: Net_Pres with wolfSSL. How to load a certificate. 2021/02/27 11:08:21 (permalink)
    4 (1)
    You can’t disable the need for a certificate.
    It’s security, it needs a certificate.
    The secure website is not going to accept you without one.
    So your first step is getting a certificate.
    #2
    jCoder
    Starting Member
    • Total Posts : 31
    • Reward points : 0
    • Joined: 2015/04/29 10:57:23
    • Location: 0
    • Status: offline
    Re: Net_Pres with wolfSSL. How to load a certificate. 2021/03/02 09:05:47 (permalink)
    0
    NKurzman
    You can’t disable the need for a certificate.
    It’s security, it needs a certificate.
    The secure website is not going to accept you without one.
    So your first step is getting a certificate.



    @NKurzman thanks for the reply.  
     
     
    My primary objective is figuring out how to tell the NET_PRES library where the certificate is stored.  Or do I bypass NET_PRESS and go straight to wolfssl? Maybe NET_PRES doesn't need to know anything about the certificate?
    #3
    NKurzman
    A Guy on the Net
    • Total Posts : 19186
    • Reward points : 0
    • Joined: 2008/01/16 19:33:48
    • Location: 0
    • Status: online
    Re: Net_Pres with wolfSSL. How to load a certificate. 2021/03/02 16:40:02 (permalink)
    1 (1)
    You will need to look at the Harmony 3 Sample Projects to see where they store the Certificate.
    They may have a Sample Certificate you can use for their sample.  But you need a real Certificate  to connect to real web sites.
    #4
    Jump to:
    © 2021 APG vNext Commercial Version 4.5