Hi,
I have a problem for certificate key https with esp-idf V5.1.3. I have hardcoded the certificate key in the code, but after a period of time, the certificate key in my tool becomes outdated. I need a solution for this issue.
Thank you for your support.
Best regards,
Bao Doan
HTTPS ESP-IDF
-
- Posts: 1701
- Joined: Mon Oct 17, 2022 7:38 pm
- Location: Europe, Germany
Re: HTTPS ESP-IDF
Solution 1: Don't make your certificate expire.
Solution 2: Update the firmware whenever you want to replace the certificate.
Solution 3: Store the certificate seperate from your application, e.g. in NVS or a dedicated data partition; then update the certificate from within the firmware (NVS or partition) or by flashing a new certificate to the data partition.
Solution 2: Update the firmware whenever you want to replace the certificate.
Solution 3: Store the certificate seperate from your application, e.g. in NVS or a dedicated data partition; then update the certificate from within the firmware (NVS or partition) or by flashing a new certificate to the data partition.
-
- Posts: 11
- Joined: Tue Jan 30, 2024 2:00 am
Re: HTTPS ESP-IDF
Hi MicroController,
Is there an automatic mechanism to update certificates ?
I currently have certificates stored in a dedicated data partition so they can be updated. So I need a solution to update certificates.
Thanks for your reply.
Best regards,
Bao Doan
Is there an automatic mechanism to update certificates ?
I currently have certificates stored in a dedicated data partition so they can be updated. So I need a solution to update certificates.
Thanks for your reply.
Best regards,
Bao Doan
-
- Posts: 1701
- Joined: Mon Oct 17, 2022 7:38 pm
- Location: Europe, Germany
Re: HTTPS ESP-IDF
Maybe you're looking for an ACME client, like this one; or maybe not.
Re: HTTPS ESP-IDF
Hi, are you storing a Public Key in your certificate? So you are verifying the identity of an SSL partner? Or are you storing a private key, so you are using this key to sign some data, or to send a client-cert in an SSL handshake?
-
- Posts: 11
- Joined: Tue Jan 30, 2024 2:00 am
Re: HTTPS ESP-IDF
Hi greycon,
Currently, I use the key to sign some data, and I am storing a public key.
Currently, I use the key to sign some data, and I am storing a public key.
-
- Posts: 1701
- Joined: Mon Oct 17, 2022 7:38 pm
- Location: Europe, Germany
Re: HTTPS ESP-IDF
We're not getting anywhere here. Please be more specific.
You mentioned HTTPS. Is the certificate in question used for HTTPS? If so, is the ESP running an HTTPS client or server?
You cannot sign data with a public key. So does the ESP sign any data or does it only verify a signature from elsewhere?
Where does the certificate come from? Is it self-signed or signed by a third party (CA, i.e. certificate chain with trusted root certificate)?
You mentioned HTTPS. Is the certificate in question used for HTTPS? If so, is the ESP running an HTTPS client or server?
You cannot sign data with a public key. So does the ESP sign any data or does it only verify a signature from elsewhere?
Where does the certificate come from? Is it self-signed or signed by a third party (CA, i.e. certificate chain with trusted root certificate)?
Who is online
Users browsing this forum: Baidu [Spider] and 92 guests