File tree Expand file tree Collapse file tree 1 file changed +35
-0
lines changed
libraries/STM32H747_System/examples/WiFiFirmwareUpdater Expand file tree Collapse file tree 1 file changed +35
-0
lines changed Original file line number Diff line number Diff line change 1+ # Managing CA Certs for TLS connections
2+
3+ ## Generating ` certificates.h ` from PEM file:
4+
5+ > [ !NOTE]
6+ > Pre-requisites: ` xxd ` from ` vim ` packages or standalone
7+ ```
8+ xxd -i cacert.pem -n cacert_pem | sed 's/^unsigned/const unsigned/g' > certificates.h
9+ ```
10+
11+ ## Getting PEM file from ` certificates.h `
12+
13+ > [ !NOTE]
14+ > Pre-requisites: ` xxd ` , GNU Tools (Use g-tools on MacOS: e.g., ` gtail ` , ` ghead ` )
15+ ```
16+ cat certificates.h | tail -n +2 | head -n -2 | head -c -7 | xxd -r -p > cacert.pem
17+ ```
18+ ## Listing certifcates in ` certificates.h `
19+
20+ > [ !NOTE]
21+ > Pre-requisites: ` openssl `
22+
23+ ```
24+ cat certificates.h | tail -n +2 | head -n -2 | head -c -7 | xxd -r -p > cacert.pem
25+ openssl crl2pkcs7 -nocrl -certfile cacert.pem | openssl pkcs7 -print_certs | grep '^subject'
26+ ```
27+
28+ ## Adding a new root certificate to ` certificates.h `
29+
30+ > [ !Note]
31+ > The PEM file for the root CA to add, e.g., ` new_root.pem `
32+
33+ ```
34+ cat certificates.h | tail -n +2 | head -n -2 | head -c -7 | xxd -r -p | cat - new_root.pem | xxd -n cacert_pem -i | sed 's/^unsigned/const unsigned/g' > certificates.h
35+ ```
You can’t perform that action at this time.
0 commit comments