Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [tinydtls-dev] x509 certificate

Hi Youssef,
thanks for your tips, i will take a look!

On Thu, 30 Nov 2017 15:20:06 +0100
 Youssef Rekik <youssef.rekik@xxxxxxxxxxx> wrote:
Hi Paolo,

I suggest you give iotivity tinydtls a look. It has X.509 support and I used their patch on tinydtls last time to support X.509 certificates.

Best Regards,

On Nov 30, 2017 13:34, "Veronesi Paolo" <paolo.veronesi@xxxxxxxxxxxxxxxx>

Hi guys,
I need to add x.509 support to my tinyDTLS application.
In this moment i have an implementation like the one proposed in dtls-server.c in which I have ecdsa_priv_key, ecdsa_pub_key_x and ecdsa_pub_key_y hardcoded and i haven't certificate in my PC.

I need that my code loads and send a x.509 certificate and on the other side i would like verify if my certificate is valid contacting a trusted CA.

Now (if i have understand in a correct way the code)
dtls_send_certificate_ecdsa create a certificate during execution and on the other side check_server_certificate checif that certificate is valid
but doesn't contact CA.

I would like know if exist an implementation/example in which are used x.509 certificate to verify the actual identity of our interlocutor, of if doesn't exist an implementation if you have some tips to implement this
kind of solution.

Thanks to all for your answer,
tinydtls-dev mailing list
To change your delivery options, retrieve your password, or unsubscribe
from this list, visit

Back to the top