Re: Why is TLS_CREDENTIAL_PRIVATE_KEY not implemented


Lubos, Robert
 

I’m afraid you’ve misunderstood the code in there. Just by the fact the `case TLS_CREDENTIAL_PRIVATE_KEY` is empty does not mean that private key management is not implemented (which is more or less explained in the comment).

 

As private key needs to be registered together with its corresponding public certificate, they’re handled together in the condition above. That’s why there’s no need for an action, when private key is encountered:

https://github.com/zephyrproject-rtos/zephyr/blob/master/subsys/net/lib/sockets/sockets_tls.c#L672

 

This mechanism is for instance used in `echo_server` sample, where both private key and server certificate are registered, and later on used in the sample:

https://github.com/zephyrproject-rtos/zephyr/blob/master/samples/net/sockets/echo_server/src/echo-server.c#L63

 

Regards,

Robert

 

From: devel@... [mailto:devel@...] On Behalf Of Linux Weekend Learning via Lists.Zephyrproject.Org
Sent: Monday, March 2, 2020 17:19
To: devel@...
Cc: devel@...
Subject: [Zephyr-devel] Why is TLS_CREDENTIAL_PRIVATE_KEY not implemented

 

I tried to debug my problem and found that  TLS_CREDENTIAL_PRIVATE_KEY is not implemented. I need to set private key and my certificate and both are not implemented. When setting

certificate it is looking for private key which is not stored

This is the code in socket_tls.c file tls_set_credential

 

 case TLS_CREDENTIAL_PRIVATE_KEY:
/* Ignore private key - it will be used together
* with public certificate
*/
break;

Join devel@lists.zephyrproject.org to automatically receive all group messages.