Thanks, yup, I succeeded just before reading your answer.
Indeed I wrongly set my array size, and that after 25 years of 'professional' programming, shame on me... :(.
Anyhow, I'm getting pretty close to where I want to be.
Setting up an automatic "secure/authorized" pairing system succeeds pretty well, I just had to add "some" customized code to the current QT BLE implementation... :)
I'm just missing the NFC implementation in Zephyr but that is no longer required for OOB pairing but for putting the secret AES key into the BLE peripheral during the commissioning.
I will come back to the Zephyr forum with some questions about authentication and encryption permissions on the characteristics of services in BLE Zephyr.
It seems when I connect via my QT BLE central application without secure connection with the Zephyr HR peripheral demo applic and without pairing I can always readout the characteristics (of my heart rate service) despite having authorization and security flags set.
But I will open a new topic on this later...
Thanks once more for your response, much appreciated.