Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [leshan-dev] [SPAM] Need information to test X509 certificate authentication client and server

Hi,

   AFIAK, there is not a list like this.
   But If you want to write code, you could have a look to all integrations tests about x509 [1]. or look at demos sources code.

   If you just want to make demos works, you should start from leshan-client-demo option : 


    
                 ================================[X509]==================================

    
                | By default Leshan demo use non secure connection.                    |

    
                | To use X509, -ccert -cprik -scert options should be used together.   |

    
                | To get helps about files format and how to generate it, see :        |

    
                | See https://github.com/eclipse/leshan/wiki/Credential-files-format   |

    
                ------------------------------------------------------------------------

    
 -ccert <arg>   The path to your client certificate file.

    
                The certificate Common Name (CN) should generaly be equal to the client

    
                endpoint name (see -n option).

    
                The certificate should be in X509v3 format (DER encoding).

    
 -scert <arg>   The path to your server certificate file.

    
                The certificate should be in X509v3 format (DER encoding).

    


      So look at the recommanded page to create your certificate with a
      private key and you will have what you need for -cprik -ccert
      option. (warning : by default the certificate Common Name (CN)
      should be equal to the client)

      

      For -scert you need to download it on security tab of server-demo.
      (see https://leshan.eclipseprojects.io/#/security)

      

      Then you should configure the server to make it understand that
      your device will connect using x509. (By adding a new  client
      security configuration with x509 certificate security mode)

      By default DEMO server trust any certificate but in real world you
      need to sign device certificate with a certificate you will put in
      the server truststore.

      

      HTH

    

    
Simon

    

    [1]
https://github.com/eclipse/leshan/blob/leshan-1.1.0/leshan-integration-tests/src/test/java/org/eclipse/leshan/integration/tests/SecurityTest.java#L566

    
  

    

    
Le 08/09/2020 à 16:20, Rahul Miryala a
      écrit :

    

    

      
      
Hi All,
        


        

        
I am trying to test X509 certificate based authentication
          using leshan client and server but I am really confused with
          steps to be followed to test it.

        


        

        
Can someone help in this? Is there any list of steps to be
          followed to test it correctly.

        


        

        


        

        
Thanks

        
Rahul

      

      

      

      
_______________________________________________
leshan-dev mailing list
leshan-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/leshan-dev


    

  

























  Back to the top