<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
	<channel>
		<title><![CDATA[wolfSSL - Embedded SSL Library — [SOLVED] adding my own certificates]]></title>
		<link>https://www.wolfssl.com/forums/topic1350-solved-adding-my-own-certificates.html</link>
		<atom:link href="https://www.wolfssl.com/forums/feed-rss-topic1350.xml" rel="self" type="application/rss+xml" />
		<description><![CDATA[The most recent posts in [SOLVED] adding my own certificates.]]></description>
		<lastBuildDate>Tue, 23 Apr 2019 22:25:28 +0000</lastBuildDate>
		<generator>PunBB</generator>
		<item>
			<title><![CDATA[Re: [SOLVED] adding my own certificates]]></title>
			<link>https://www.wolfssl.com/forums/post4555.html#p4555</link>
			<description><![CDATA[<p>@m0ot,</p><p>That is good news! Thank you for the status update.</p><p>Regards,</p><p>K</p>]]></description>
			<author><![CDATA[null@example.com (Kaleb J. Himes)]]></author>
			<pubDate>Tue, 23 Apr 2019 22:25:28 +0000</pubDate>
			<guid>https://www.wolfssl.com/forums/post4555.html#p4555</guid>
		</item>
		<item>
			<title><![CDATA[Re: [SOLVED] adding my own certificates]]></title>
			<link>https://www.wolfssl.com/forums/post4551.html#p4551</link>
			<description><![CDATA[<p>hi @Kaleb,</p><p>thanks a lot for your answer. You just helped me a lot by telling me what the -150 error means! By updating the time on the board, the certificates could be loaded successfully. </p><p>Best regards,</p>]]></description>
			<author><![CDATA[null@example.com (m0ot)]]></author>
			<pubDate>Mon, 22 Apr 2019 15:34:07 +0000</pubDate>
			<guid>https://www.wolfssl.com/forums/post4551.html#p4551</guid>
		</item>
		<item>
			<title><![CDATA[Re: [SOLVED] adding my own certificates]]></title>
			<link>https://www.wolfssl.com/forums/post4550.html#p4550</link>
			<description><![CDATA[<p>Hi m0ot,</p><p>-150 = ASN_BEFORE_DATE_E meaning the certificate is issued for some date in the future. Since this is unlikely true if you look at the date range and a current clock you might check that the clock on the device is set correctly. For example if your devices internal clock is set to the year 1995 and the certificate was issued for some date in 2019 - some date in 2029 then you would see the ASN_BEFORE_DATE_E.</p><p>-162 = ASN_NO_PEM_HEADER which means you passed WOLFSSL_FILETYPE_PEM instead of WOLFSSL_FILETYPE_ASN1 for a DER formatted certificate OR the PEM certificate was missing the PEM header.</p><p>Warm Regards,</p><p>K</p>]]></description>
			<author><![CDATA[null@example.com (Kaleb J. Himes)]]></author>
			<pubDate>Mon, 22 Apr 2019 14:41:09 +0000</pubDate>
			<guid>https://www.wolfssl.com/forums/post4550.html#p4550</guid>
		</item>
		<item>
			<title><![CDATA[Re: [SOLVED] adding my own certificates]]></title>
			<link>https://www.wolfssl.com/forums/post4549.html#p4549</link>
			<description><![CDATA[<p>Now, I&#039;ve just tried other ways and I still have the problem...<br />with this function wolfSSL_CTX_load_verify_buffer() I made the same as in the example.<br />With helping of the (xxd) tool in ubuntu, I was able to convert the ca certificate to hex exactly like in certs_test.h and then I tried to load as following:<br /></p><div class="codebox"><pre><code>if ((ret = wolfSSL_CTX_load_verify_buffer(ctx, ca_hex_der_2048,
            sizeof_ca_hex_der_2048, WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
            ESP_LOGE(TAG,&quot;ERROR: failed to load %d, please check the file.\n&quot;,ret);
          }</code></pre></div><p>But after flashing the code on the board, the certificate can&#039;t be loaded and I get the error (ERROR: failed to load %d, please check the file), where the error number is -162 or -150. </p><p>I&#039;m not sure how wolfssl converted its der certificates to hex like in certs_test.h but if the way that I used correct then it supposed to work, or not?</p>]]></description>
			<author><![CDATA[null@example.com (m0ot)]]></author>
			<pubDate>Fri, 19 Apr 2019 14:02:13 +0000</pubDate>
			<guid>https://www.wolfssl.com/forums/post4549.html#p4549</guid>
		</item>
		<item>
			<title><![CDATA[Re: [SOLVED] adding my own certificates]]></title>
			<link>https://www.wolfssl.com/forums/post4548.html#p4548</link>
			<description><![CDATA[<p>Hi m0ot,</p><p>I couldn&#039;t find anything immediately wrong with the certificate or your code after a first glance, except for one thing - when you&#039;re passing the buffer to <strong>wolfSSL_CTX_load_verify_buffer</strong>, you should be passing the length of the buffer instead of the size of the pointer variable. When performing <strong>sizeof</strong> calls, if you pass a pointer variable like that it&#039;ll only return the size of the pointer and not the size of the buffer the pointer is referring to.</p><p>If changing this doesn&#039;t resolve your issue, then it may help debug the issue if you enable wolfSSL debugging, and share the error codes that are being encountered when you are attempting to use the modified example.</p>]]></description>
			<author><![CDATA[null@example.com (alex.abrahamson)]]></author>
			<pubDate>Thu, 18 Apr 2019 16:33:08 +0000</pubDate>
			<guid>https://www.wolfssl.com/forums/post4548.html#p4548</guid>
		</item>
		<item>
			<title><![CDATA[[SOLVED] adding my own certificates]]></title>
			<link>https://www.wolfssl.com/forums/post4547.html#p4547</link>
			<description><![CDATA[<p>Hallo,<br />I&#039;m trying to add my certificates to the wolfssl_client example in Espressif<br /><a href="https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples/wolfssl_client">https://github.com/wolfSSL/wolfssl/tree … ssl_client</a><br />however, it doesn&#039;t work with me to add them (ca, crt, key)...</p><p>For example, I&#039;ve tried to add my PEM-formatted CA certificate with helping of this API:</p><p>wolfSSL_CTX_load_verify_buffer() as follows:<br />.<br />.<br />.<br />&nbsp; &nbsp; static const char* ca_cert_der_2048_test =<br />&nbsp; &nbsp; &quot;-----BEGIN CERTIFICATE-----\n&quot;<br />&nbsp; .<br />&nbsp; .<br />&nbsp; &nbsp; &quot;-----END CERTIFICATE-----&quot;;<br />.<br />.</p><p>wolfSSL_CTX_load_verify_buffer(ctx, (const byte*)ca_cert_der_2048_test,<br />&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; sizeof(ca_cert_der_2048_test), WOLFSSL_FILETYPE_PEM)</p><br /><p>OR with this API:</p><p>wolfSSL_CTX_load_verify_locations() as follows:<br />.<br />.<br />.<br />wolfSSL_CTX_load_verify_locations(ctx, &quot;./ca.pem&quot;,&nbsp; NULL)<br />.<br />.<br />.</p><p>Any ideas to do it right and add my own certificates to this example?</p><p>P.S. see attachment in order to see the c file<br />thanks,</p>]]></description>
			<author><![CDATA[null@example.com (m0ot)]]></author>
			<pubDate>Thu, 18 Apr 2019 12:29:14 +0000</pubDate>
			<guid>https://www.wolfssl.com/forums/post4547.html#p4547</guid>
		</item>
	</channel>
</rss>
