Q: SSL certificate and private key file format (PEM vs. DER)?


  • Pybytes Beta

    Hello Daniel, dear all

    does the SSL implementation support client authentication as well (using the code below that works on standard Python)

    c=ssl.wrap_socket(s,
    keyfile="client.key.pem",
    certfile="client.crt.pem",
    ca_certs="ca.crt.pem",
    cert_reqs=ssl.CERT_REQUIRED)

    and what is the format for the certificates and private key? Can .pem be used or does it have to be .der? Or are both supported?

    best regards
    Ralf


  • Pybytes Beta

    Hello Daniel,

    many thanks! I successfully tested the stuff for a https POST with certificate based client authentication on an older (0.9.7.b1) firmware.
    https://twitter.com/_rac01/status/822072047937404931

    best regards
    Ralf



  • Hello Ralph,

    We use mbed TLS and both formats (PEM and DER) are supported. You can use the standard Python API as you suggest. However, due to lack of memory, certificate validation doesn't work since we enabled Bluetooth and we are still working on a solution.

    Cheers,
    Daniel


Log in to reply
 

Pycom on Twitter