diff --git a/examples/protocols/esp_local_ctrl/README.md b/examples/protocols/esp_local_ctrl/README.md index 5df67bec5e..18a78a59c8 100644 --- a/examples/protocols/esp_local_ctrl/README.md +++ b/examples/protocols/esp_local_ctrl/README.md @@ -13,7 +13,7 @@ Note, that this example in not supported for IPv6-only configuration. ## Client Side Implementation -A python test script `scripts/esp_local_ctrl.py` has been provided for as a client side application for controlling the device over the same Wi-Fi network. The script relies on a pre-generated `main/certs/rootCA.pem` to verify the server certificate. The server side private key and certificate can also be found under `main/certs`, namely `prvtkey.pem` and `cacert.pem`. +A python test script `scripts/esp_local_ctrl.py` has been provided for as a client side application for controlling the device over the same Wi-Fi network. The script relies on a pre-generated `main/certs/rootCA.pem` to verify the server certificate. The server side private key and certificate can also be found under `main/certs`, namely `prvtkey.pem` and `servercert.pem`. After configuring the Wi-Fi, flashing and booting the device, run the following command to test the device name resolution through mDNS: @@ -91,7 +91,7 @@ You can generate a new server certificate using the OpenSSL command line tool. For the purpose of this example, lets generate a rootCA, which we will use to sign the server certificates and which the client will use to verify the server certificate during SSL handshake. You will need to set a password for encrypting the generated `rootkey.pem`. ``` -openssl req -new -x509 -subj "/CN=root" -days 3650 -sha256 -out rootCA.pem -keyout rootkey.pem +openssl req -new -x509 -subj "/CN=root" -days 3650 -sha256 -out rootCA.pem -keyout rootkey.pem -addext "keyUsage=critical,digitalSignature,keyCertSign" ``` Now generate a certificate signing request for the server, along with its private key `prvtkey.pem`. @@ -100,13 +100,13 @@ Now generate a certificate signing request for the server, along with its privat openssl req -newkey rsa:2048 -nodes -keyout prvtkey.pem -days 3650 -out server.csr -subj "/CN=my_esp_ctrl_device.local" ``` -Now use the previously generated rootCA to process the server's certificate signing request, and generate a signed certificate `cacert.pem`. The password set for encrypting `rootkey.pem` earlier, has to be entered during this step. +Now use the previously generated rootCA to process the server's certificate signing request, and generate a signed certificate `servercert.pem`. The password set for encrypting `rootkey.pem` earlier, has to be entered during this step. ``` -openssl x509 -req -in server.csr -CA rootCA.pem -CAkey rootkey.pem -CAcreateserial -out cacert.pem -days 500 -sha256 +openssl x509 -req -in server.csr -CA rootCA.pem -CAkey rootkey.pem -CAcreateserial -out servercert.pem -days 500 -sha256 ``` -Now that we have `rootCA.pem`, `cacert.pem` and `prvtkey.pem`, copy these into main/certs. Note that only the server related files (`cacert.pem` and `prvtkey.pem`) are embedded into the firmware. +Now that we have `rootCA.pem`, `servercert.pem` and `prvtkey.pem`, copy these into main/certs. Note that only the server related files (`servercert.pem` and `prvtkey.pem`) are embedded into the firmware. Expiry time and metadata fields can be adjusted in the invocation. diff --git a/examples/protocols/esp_local_ctrl/main/certs/rootCA.pem b/examples/protocols/esp_local_ctrl/main/certs/rootCA.pem index 28b3b22699..2457f87ad3 100644 --- a/examples/protocols/esp_local_ctrl/main/certs/rootCA.pem +++ b/examples/protocols/esp_local_ctrl/main/certs/rootCA.pem @@ -1,16 +1,19 @@ -----BEGIN CERTIFICATE----- -MIICmjCCAYICCQCOEQkjYe2QMTANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARy -b290MB4XDTIwMTExMDExMjgyOVoXDTMwMTExMDExMjgyOVowDzENMAsGA1UEAwwE -cm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOqS7H7+XeFNcf5m -qlH04t0ru56MCDYv9JV3byILgUnk1j+ld74m2q4T+Xxiw5ruMXh41W2xryMLF3+3 -jql8b7isJFwCXud4/WLr4KzCEKgqvr6Nez9Hb9rIBbQsGWtDTjfe06F/D9Zioyt3 -RnoT+5ItpX0+9IJn3TmAx7g1wU2dlXeaTp48RWPtJBqxp80Lq4SR3CdxI9+eVHv9 -sRA3sI9ggqFWzDNJDiTLZoJU1Z+n/MnHTUBt7WRZcMToMsHbj2Gtd4LruB3J46qO -bjoL4im9oUrfXJZh87nW9KQ/+gOVv8t0zU70A/JMrazb/YnE6xO7+40JfrGNuFMm -ZyylUyECAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAvCJMjXDNO/zUv7SBlr8hlHse -KprCDEp91DlXsewpTB3h6s1gyZzDCygPtz80qRD6zy+T4r1veaYQeLecsIyfYNV1 -qnhNPpHnxjuXrrVwpEYOk/aP0yVlv0PiHsjyxzblLQPomX4m43Ec8/wW0Nlw0Aau -K0sD5+Mv/3NNQIneGFsLF4JPRkJwLjSbjPdKLpjWdLsTKQwVg0FIslzI9RmBIQIq -Nz2RWNHSqfGzsRpne9deqx9/9M4N8URUcmo0j7Ly7mYuxTkF7sft6sxbWDYQx1S1 -4GjAEFWe4352O0sFl0PWr+o8rd245yAu5SEahRFvjvnSNg8VlYcnezBmsp2rbQ== +MIIDDzCCAfegAwIBAgIUdplZAINp6jYpsMaG467s9Km4eHswDQYJKoZIhvcNAQEL +BQAwDzENMAsGA1UEAwwEcm9vdDAeFw0yNTA0MDIwNzM1MTdaFw0zNTAzMzEwNzM1 +MTdaMA8xDTALBgNVBAMMBHJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQCavBVGCVrDZHhLqx19GrYKH+MocUYItc6uD00gK8O9MthZMRoUkKCjiJfb +8J3U9ufYdGHY/dZtXt9Ua+dadvdFh0u6PfGOZhbvMBAZNyWDyEVeV/CMYM946UXh +FNFxjP6tt5Z0HtitApe94k5kSGXvjpnwacQVLn88tIUtdQPpm2RfH3DOoTMjViQh +7a3ItPuwXJOXBFWeCZXmEPPjZO5xBOHjZLqWxyfolHm/XfWOqBXExb1SmTEk1EBo +z/wA0ORJYwewn2fgZP5o0Ou88SXcji7Rjn3CoWFottS2rxsz747jjtXJoieFA3fk +Qztu4QdPKsUIqevh/S+jtDi3JlozAgMBAAGjYzBhMB0GA1UdDgQWBBRy39hjtY/p +Dorc1bZdeISNsne+9jAfBgNVHSMEGDAWgBRy39hjtY/pDorc1bZdeISNsne+9jAP +BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIChDANBgkqhkiG9w0BAQsFAAOC +AQEAa3EFXSXZ/wm1FGmvliXonhZsK88B11dscs5kxPPszbseHStg75n5ZfAHui7K +vZHJG1Pg3Rtaq7hDO+VeTGgSFq8kxQxS8wQRNRf7HI602jTmNeyccCW6XM4u3+bN +qbPFcTgJraceLSUCdYGE4ZPYK/8y5tfVafRbV08UBZ2bgqS9FmKQTPhohF6RBZ2s +m8rIKhtRca6LbX+3txpExnYzbOMtaC1TA58MspGujuV36xTGsrbS/cR9QU1CVyBL +e1p6W50YLtb82br/wou6WNY5QoTCQKV3eqq+Z76wOqdf6d9dMlIyl1Q0RZjOEysM +9VwHi6ONS9sYTuk8C99L0ewQ/Q== -----END CERTIFICATE----- diff --git a/examples/protocols/esp_local_ctrl/main/certs/servercert.pem b/examples/protocols/esp_local_ctrl/main/certs/servercert.pem index 243f99ac05..1acc6dd497 100644 --- a/examples/protocols/esp_local_ctrl/main/certs/servercert.pem +++ b/examples/protocols/esp_local_ctrl/main/certs/servercert.pem @@ -1,17 +1,19 @@ -----BEGIN CERTIFICATE----- -MIICrjCCAZYCCQDGnK9OU3UN2TANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARy -b290MB4XDTIwMTExMDExMzExNVoXDTMwMTExMDExMzExNVowIzEhMB8GA1UEAwwY -bXlfZXNwX2N0cmxfZGV2aWNlLmxvY2FsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEA2NgeOgHTX6yURoB8u3BAphDMTlp/Ar8oAtoO+xqIPw1sZKmhJLAS -bfKkHKhi7pr/h31xOHqzTxlPkUzWpfszFx5YiDFYtiIlcObrgk83u3CtvBw7wuZ6 -BA/01hkiSGgkAFD/xnRNLKgidTu1tCIa2QY7Jnp+HdJz6yJws1/WAzn2lsXcJwSd -6tPu2U0lhE2w6ylCdLYD3upveo/80WArQqNg6bv6Wbz8iL18E87enpwfHMA7ZN+S -sDq7HACRjapAkcimjbzkrh7/f9Nr6c8KpPyeiWyHFxVTbmEj4NMG9IpbTKp9CMAt -ysmiPYAYNFXsTHjoRVf4EbfHbxGHobUwewIDAQABMA0GCSqGSIb3DQEBCwUAA4IB -AQBWg9Xh1MG4d4gGGx920OJBm+qQ9XY9oV2Aap81ZYshgBlnUKoKLhYolp/CHXyr -IXy7YA01ASX2wzohguqakdo0ghYkhwuRoly+0+uzphmqyMqXnTUDCgEcZF4l90xl -jRdMenqEgfOXDNk2VAK/rmAZ2jZsaGpBI4NRbEdwH1MVd61g2NVBk0nEI73cW6Ki -BPxMw2aGFizTwcPT9gwbQgLdLZeEuvcPrdzK5swqccZ+MBHMcwW/qvcmwqJGeLL2 -zmx7o2ODQyElIKLKUDWAFIYrb7DXR4oajjhUa0+SOj9Ydj/5+eZ+Wx7NJoG+oH7N -DB0jK2qB8eexplQj1KLWS2Un +MIIDAjCCAeqgAwIBAgIUTYhcWJl9maLjHahTSmFZ/vxNraUwDQYJKoZIhvcNAQEL +BQAwDzENMAsGA1UEAwwEcm9vdDAeFw0yNTA0MDIwNzM1NDdaFw0yNjA4MTUwNzM1 +NDdaMCMxITAfBgNVBAMMGG15X2VzcF9jdHJsX2RldmljZS5sb2NhbDCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBANjYHjoB01+slEaAfLtwQKYQzE5afwK/ +KALaDvsaiD8NbGSpoSSwEm3ypByoYu6a/4d9cTh6s08ZT5FM1qX7MxceWIgxWLYi +JXDm64JPN7twrbwcO8LmegQP9NYZIkhoJABQ/8Z0TSyoInU7tbQiGtkGOyZ6fh3S +c+sicLNf1gM59pbF3CcEnerT7tlNJYRNsOspQnS2A97qb3qP/NFgK0KjYOm7+lm8 +/Ii9fBPO3p6cHxzAO2TfkrA6uxwAkY2qQJHIpo285K4e/3/Ta+nPCqT8nolshxcV +U25hI+DTBvSKW0yqfQjALcrJoj2AGDRV7Ex46EVX+BG3x28Rh6G1MHsCAwEAAaNC +MEAwHQYDVR0OBBYEFIWrRCcd0EsQ14unaT9rQ8fxfXlDMB8GA1UdIwQYMBaAFHLf +2GO1j+kOitzVtl14hI2yd772MA0GCSqGSIb3DQEBCwUAA4IBAQBxGemDnMNibZag +C9zrz42c7Ag8MqjojoPqTghGfGN8NGmEylYossCpd/fVP2QriH9TB1cQhtV5AEgS +xipJr6ktjnxZjLcwfjxSrtHbwCGuXLtPNIqOEMPWvCxTWEnWkzNy6Mn9qSAwms6g +dQ7V2YU3nb7FTco9jt2V3JOXM/Yr1CbUHv27yycTpZSxSQAyp3U2xqC3snEbvlL4 +Awp0j7tT5pR/JcfT0Fl0fgfoeRkdkJK1NWldzFs3G+A4DLKgFwyQHfT9Hlh5IU7a +4EtiavtsyNXtQPJLZajbdag06taQnQ6p6aqoiQnwcSHDjWtuCueSDVGN2rv1kWbt +pYByeDAW -----END CERTIFICATE----- diff --git a/examples/protocols/https_server/simple/README.md b/examples/protocols/https_server/simple/README.md index 78401a1b02..b5f7833ce3 100644 --- a/examples/protocols/https_server/simple/README.md +++ b/examples/protocols/https_server/simple/README.md @@ -40,7 +40,7 @@ as trusted. You can generate a new certificate using the OpenSSL command line tool: ``` -openssl req -newkey rsa:2048 -nodes -keyout prvtkey.pem -x509 -days 3650 -out cacert.pem -subj "/CN=ESP32 HTTPS server example" +openssl req -newkey rsa:2048 -nodes -keyout prvtkey.pem -x509 -days 3650 -out servercert.pem -subj "/CN=ESP32 HTTPS server example" -addext "keyUsage=critical,digitalSignature,keyCertSign" ``` Expiry time and metadata fields can be adjusted in the invocation. diff --git a/examples/protocols/https_server/simple/main/certs/servercert.pem b/examples/protocols/https_server/simple/main/certs/servercert.pem index cd2b80c824..d3faa2929b 100644 --- a/examples/protocols/https_server/simple/main/certs/servercert.pem +++ b/examples/protocols/https_server/simple/main/certs/servercert.pem @@ -1,19 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDKzCCAhOgAwIBAgIUBxM3WJf2bP12kAfqhmhhjZWv0ukwDQYJKoZIhvcNAQEL -BQAwJTEjMCEGA1UEAwwaRVNQMzIgSFRUUFMgc2VydmVyIGV4YW1wbGUwHhcNMTgx -MDE3MTEzMjU3WhcNMjgxMDE0MTEzMjU3WjAlMSMwIQYDVQQDDBpFU1AzMiBIVFRQ +MIIDOzCCAiOgAwIBAgIUG/S51QF4EeUkdaqg54oogqIKBZkwDQYJKoZIhvcNAQEL +BQAwJTEjMCEGA1UEAwwaRVNQMzIgSFRUUFMgc2VydmVyIGV4YW1wbGUwHhcNMjUw +NDAyMDcwMzI2WhcNMzUwMzMxMDcwMzI2WjAlMSMwIQYDVQQDDBpFU1AzMiBIVFRQ UyBzZXJ2ZXIgZXhhbXBsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB ALBint6nP77RCQcmKgwPtTsGK0uClxg+LwKJ3WXuye3oqnnjqJCwMEneXzGdG09T sA0SyNPwrEgebLCH80an3gWU4pHDdqGHfJQa2jBL290e/5L5MB+6PTs2NKcojK/k qcZkn58MWXhDW1NpAnJtjVniK2Ksvr/YIYSbyD+JiEs0MGxEx+kOl9d7hRHJaIzd GF/vO2pl295v1qXekAlkgNMtYIVAjUy9CMpqaQBCQRL+BmPSJRkXBsYk8GPnieS4 sUsp53DsNvCCtWDT6fd9D1v+BB6nDk/FCPKhtjYOwOAZlX4wWNSZpRNr5dfrxKsb -jAn4PCuR2akdF4G8WLUeDWECAwEAAaNTMFEwHQYDVR0OBBYEFMnmdJKOEepXrHI/ +jAn4PCuR2akdF4G8WLUeDWECAwEAAaNjMGEwHQYDVR0OBBYEFMnmdJKOEepXrHI/ ivM6mVqJgAX8MB8GA1UdIwQYMBaAFMnmdJKOEepXrHI/ivM6mVqJgAX8MA8GA1Ud -EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADiXIGEkSsN0SLSfCF1VNWO3 -emBurfOcDq4EGEaxRKAU0814VEmU87btIDx80+z5Dbf+GGHCPrY7odIkxGNn0DJY -W1WcF+DOcbiWoUN6DTkAML0SMnp8aGj9ffx3x+qoggT+vGdWVVA4pgwqZT7Ybntx -bkzcNFW0sqmCv4IN1t4w6L0A87ZwsNwVpre/j6uyBw7s8YoJHDLRFT6g7qgn0tcN -ZufhNISvgWCVJQy/SZjNBHSpnIdCUSJAeTY2mkM4sGxY0Widk8LnjydxZUSxC3Nl -hb6pnMh3jRq4h0+5CZielA4/a+TdrNPv/qok67ot/XJdY3qHCCd8O2b14OVq9jo= +EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgKEMA0GCSqGSIb3DQEBCwUAA4IBAQBP +AgAagM33DqsDi+UArUxEoqmov1rH0PHXnd/a6Ct/IvNzr0qUH8hW4Lv0tWHfOJY8 +pCf7bkejxXlhP/QHb6M+sobN9tN/WupEaeqNg4pCWi+6Caj2uFW9vkQQf2j50lMg +R0oxnd6SMEQArzy3f3yYRp8rliPERY6F2Rtb9HJNh53K51FE60xONPLZ/1dtSgDB +KcJseZfhg6oAUSLjFCYJEn5xa7CsIuQ8Jx2xMo4IkU44BJ8TJS4zw/hP1/vVjjvS +uU2Z0ZOUCQ78/3eMnsFfLMtDUYqXPyhNogm51GeHOR6dk+ICQ+c5gCDkJUnOTqzg +G2JUmXAXxJoUZDfalijl -----END CERTIFICATE----- diff --git a/examples/protocols/https_server/simple/pytest_https_server_simple.py b/examples/protocols/https_server/simple/pytest_https_server_simple.py index 1cff1d21cc..681fcf465e 100644 --- a/examples/protocols/https_server/simple/pytest_https_server_simple.py +++ b/examples/protocols/https_server/simple/pytest_https_server_simple.py @@ -12,25 +12,28 @@ import pytest from common_test_methods import get_env_config_variable from pytest_embedded import Dut -server_cert_pem = '-----BEGIN CERTIFICATE-----\n'\ - 'MIIDKzCCAhOgAwIBAgIUBxM3WJf2bP12kAfqhmhhjZWv0ukwDQYJKoZIhvcNAQEL\n'\ - 'BQAwJTEjMCEGA1UEAwwaRVNQMzIgSFRUUFMgc2VydmVyIGV4YW1wbGUwHhcNMTgx\n'\ - 'MDE3MTEzMjU3WhcNMjgxMDE0MTEzMjU3WjAlMSMwIQYDVQQDDBpFU1AzMiBIVFRQ\n'\ - 'UyBzZXJ2ZXIgZXhhbXBsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n'\ - 'ALBint6nP77RCQcmKgwPtTsGK0uClxg+LwKJ3WXuye3oqnnjqJCwMEneXzGdG09T\n'\ - 'sA0SyNPwrEgebLCH80an3gWU4pHDdqGHfJQa2jBL290e/5L5MB+6PTs2NKcojK/k\n'\ - 'qcZkn58MWXhDW1NpAnJtjVniK2Ksvr/YIYSbyD+JiEs0MGxEx+kOl9d7hRHJaIzd\n'\ - 'GF/vO2pl295v1qXekAlkgNMtYIVAjUy9CMpqaQBCQRL+BmPSJRkXBsYk8GPnieS4\n'\ - 'sUsp53DsNvCCtWDT6fd9D1v+BB6nDk/FCPKhtjYOwOAZlX4wWNSZpRNr5dfrxKsb\n'\ - 'jAn4PCuR2akdF4G8WLUeDWECAwEAAaNTMFEwHQYDVR0OBBYEFMnmdJKOEepXrHI/\n'\ - 'ivM6mVqJgAX8MB8GA1UdIwQYMBaAFMnmdJKOEepXrHI/ivM6mVqJgAX8MA8GA1Ud\n'\ - 'EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADiXIGEkSsN0SLSfCF1VNWO3\n'\ - 'emBurfOcDq4EGEaxRKAU0814VEmU87btIDx80+z5Dbf+GGHCPrY7odIkxGNn0DJY\n'\ - 'W1WcF+DOcbiWoUN6DTkAML0SMnp8aGj9ffx3x+qoggT+vGdWVVA4pgwqZT7Ybntx\n'\ - 'bkzcNFW0sqmCv4IN1t4w6L0A87ZwsNwVpre/j6uyBw7s8YoJHDLRFT6g7qgn0tcN\n'\ - 'ZufhNISvgWCVJQy/SZjNBHSpnIdCUSJAeTY2mkM4sGxY0Widk8LnjydxZUSxC3Nl\n'\ - 'hb6pnMh3jRq4h0+5CZielA4/a+TdrNPv/qok67ot/XJdY3qHCCd8O2b14OVq9jo=\n'\ - '-----END CERTIFICATE-----\n' +server_cert_pem = ( + '-----BEGIN CERTIFICATE-----\n' + 'MIIDOzCCAiOgAwIBAgIUG/S51QF4EeUkdaqg54oogqIKBZkwDQYJKoZIhvcNAQEL\n' + 'BQAwJTEjMCEGA1UEAwwaRVNQMzIgSFRUUFMgc2VydmVyIGV4YW1wbGUwHhcNMjUw\n' + 'NDAyMDcwMzI2WhcNMzUwMzMxMDcwMzI2WjAlMSMwIQYDVQQDDBpFU1AzMiBIVFRQ\n' + 'UyBzZXJ2ZXIgZXhhbXBsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n' + 'ALBint6nP77RCQcmKgwPtTsGK0uClxg+LwKJ3WXuye3oqnnjqJCwMEneXzGdG09T\n' + 'sA0SyNPwrEgebLCH80an3gWU4pHDdqGHfJQa2jBL290e/5L5MB+6PTs2NKcojK/k\n' + 'qcZkn58MWXhDW1NpAnJtjVniK2Ksvr/YIYSbyD+JiEs0MGxEx+kOl9d7hRHJaIzd\n' + 'GF/vO2pl295v1qXekAlkgNMtYIVAjUy9CMpqaQBCQRL+BmPSJRkXBsYk8GPnieS4\n' + 'sUsp53DsNvCCtWDT6fd9D1v+BB6nDk/FCPKhtjYOwOAZlX4wWNSZpRNr5dfrxKsb\n' + 'jAn4PCuR2akdF4G8WLUeDWECAwEAAaNjMGEwHQYDVR0OBBYEFMnmdJKOEepXrHI/\n' + 'ivM6mVqJgAX8MB8GA1UdIwQYMBaAFMnmdJKOEepXrHI/ivM6mVqJgAX8MA8GA1Ud\n' + 'EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgKEMA0GCSqGSIb3DQEBCwUAA4IBAQBP\n' + 'AgAagM33DqsDi+UArUxEoqmov1rH0PHXnd/a6Ct/IvNzr0qUH8hW4Lv0tWHfOJY8\n' + 'pCf7bkejxXlhP/QHb6M+sobN9tN/WupEaeqNg4pCWi+6Caj2uFW9vkQQf2j50lMg\n' + 'R0oxnd6SMEQArzy3f3yYRp8rliPERY6F2Rtb9HJNh53K51FE60xONPLZ/1dtSgDB\n' + 'KcJseZfhg6oAUSLjFCYJEn5xa7CsIuQ8Jx2xMo4IkU44BJ8TJS4zw/hP1/vVjjvS\n' + 'uU2Z0ZOUCQ78/3eMnsFfLMtDUYqXPyhNogm51GeHOR6dk+ICQ+c5gCDkJUnOTqzg\n' + 'G2JUmXAXxJoUZDfalijl\n' + '-----END CERTIFICATE-----\n' +) client_cert_pem = '-----BEGIN CERTIFICATE-----\n' \ 'MIID7TCCAtWgAwIBAgIUBdm7RStsshnl3CCpknSJhXQK4GcwDQYJKoZIhvcNAQEL\n' \ diff --git a/examples/protocols/https_server/wss_server/README.md b/examples/protocols/https_server/wss_server/README.md index e04e46ef2c..a437744ca4 100644 --- a/examples/protocols/https_server/wss_server/README.md +++ b/examples/protocols/https_server/wss_server/README.md @@ -53,7 +53,7 @@ as trusted. You can generate a new certificate using the OpenSSL command line tool: ``` -openssl req -newkey rsa:2048 -nodes -keyout prvtkey.pem -x509 -days 3650 -out cacert.pem -subj "/CN=ESP32 HTTPS server example" +openssl req -newkey rsa:2048 -nodes -keyout prvtkey.pem -x509 -days 3650 -out servercert.pem -subj "/CN=ESP32 HTTPS server example" -addext "keyUsage=critical,digitalSignature,keyCertSign" ``` Expiry time and metadata fields can be adjusted in the invocation. diff --git a/examples/protocols/https_server/wss_server/main/certs/servercert.pem b/examples/protocols/https_server/wss_server/main/certs/servercert.pem index cd2b80c824..d808fa9b04 100644 --- a/examples/protocols/https_server/wss_server/main/certs/servercert.pem +++ b/examples/protocols/https_server/wss_server/main/certs/servercert.pem @@ -1,19 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDKzCCAhOgAwIBAgIUBxM3WJf2bP12kAfqhmhhjZWv0ukwDQYJKoZIhvcNAQEL -BQAwJTEjMCEGA1UEAwwaRVNQMzIgSFRUUFMgc2VydmVyIGV4YW1wbGUwHhcNMTgx -MDE3MTEzMjU3WhcNMjgxMDE0MTEzMjU3WjAlMSMwIQYDVQQDDBpFU1AzMiBIVFRQ +MIIDOzCCAiOgAwIBAgIUGtx0JiogvT3DlTnZ3+tAT7Tr5JEwDQYJKoZIhvcNAQEL +BQAwJTEjMCEGA1UEAwwaRVNQMzIgSFRUUFMgc2VydmVyIGV4YW1wbGUwHhcNMjUw +NDAyMDcwNzE1WhcNMzUwMzMxMDcwNzE1WjAlMSMwIQYDVQQDDBpFU1AzMiBIVFRQ UyBzZXJ2ZXIgZXhhbXBsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB ALBint6nP77RCQcmKgwPtTsGK0uClxg+LwKJ3WXuye3oqnnjqJCwMEneXzGdG09T sA0SyNPwrEgebLCH80an3gWU4pHDdqGHfJQa2jBL290e/5L5MB+6PTs2NKcojK/k qcZkn58MWXhDW1NpAnJtjVniK2Ksvr/YIYSbyD+JiEs0MGxEx+kOl9d7hRHJaIzd GF/vO2pl295v1qXekAlkgNMtYIVAjUy9CMpqaQBCQRL+BmPSJRkXBsYk8GPnieS4 sUsp53DsNvCCtWDT6fd9D1v+BB6nDk/FCPKhtjYOwOAZlX4wWNSZpRNr5dfrxKsb -jAn4PCuR2akdF4G8WLUeDWECAwEAAaNTMFEwHQYDVR0OBBYEFMnmdJKOEepXrHI/ +jAn4PCuR2akdF4G8WLUeDWECAwEAAaNjMGEwHQYDVR0OBBYEFMnmdJKOEepXrHI/ ivM6mVqJgAX8MB8GA1UdIwQYMBaAFMnmdJKOEepXrHI/ivM6mVqJgAX8MA8GA1Ud -EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADiXIGEkSsN0SLSfCF1VNWO3 -emBurfOcDq4EGEaxRKAU0814VEmU87btIDx80+z5Dbf+GGHCPrY7odIkxGNn0DJY -W1WcF+DOcbiWoUN6DTkAML0SMnp8aGj9ffx3x+qoggT+vGdWVVA4pgwqZT7Ybntx -bkzcNFW0sqmCv4IN1t4w6L0A87ZwsNwVpre/j6uyBw7s8YoJHDLRFT6g7qgn0tcN -ZufhNISvgWCVJQy/SZjNBHSpnIdCUSJAeTY2mkM4sGxY0Widk8LnjydxZUSxC3Nl -hb6pnMh3jRq4h0+5CZielA4/a+TdrNPv/qok67ot/XJdY3qHCCd8O2b14OVq9jo= +EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgKEMA0GCSqGSIb3DQEBCwUAA4IBAQAT +lpY3s1IAV369xl7cri72ErqFRBveKvJCaq/1l0FSH1w/u3SxABQw9SH29Lg0hbAa +jotcCMo4XZpmKSsQn0Zs4ZgKh1zk90JZVtssWuU3y8ftq9t4JjskRHTF19yp7CCC +zKIHPlCyYjCgw3tWhrsWa95dF3ebVrPkuUfd6CCxe8OB4EC74svI+uuxA7Ud9Jtx +Dno5yFu7NKpRLSwFqJnxbU0bZp434v2vcexkbvZP0Z2AW+C2L+x90xcP5rW2vL+a +S0bj0quNH43cGKbBFzE9cLy04xsGlOqzYSQcFbGeT9LyQBLFZtp6QlC97ZsQ78fG +A2PRPwcF0QCvQrT42b8y -----END CERTIFICATE----- diff --git a/tools/test_apps/protocols/mqtt/publish_connect_test/ca.crt b/tools/test_apps/protocols/mqtt/publish_connect_test/ca.crt index f53f647779..e371e070ca 100644 --- a/tools/test_apps/protocols/mqtt/publish_connect_test/ca.crt +++ b/tools/test_apps/protocols/mqtt/publish_connect_test/ca.crt @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDCzCCAfOgAwIBAgIUN9fSo2J8makY6P64QfrO+EcLLm0wDQYJKoZIhvcNAQEL -BQAwFDESMBAGA1UEAwwJRXNwcmVzc2lmMCAXDTI1MDEyODEzMjkxMVoYDzIyOTgx -MTEyMTMyOTExWjAUMRIwEAYDVQQDDAlFc3ByZXNzaWYwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQDBJj+nzMM/xbd/fvF8vWPL9ZxZU45LaaxZHLGOldAz -Z77roxxKSfyZUpNbn9pn3qwVBuYEG6GnfKmikf6QFAfEriSVrqugRw383H3CkLxf -riVT0So+Y69wgbwcSURjTkvNn1HNzgsgFESr+wzwUTn5gc7bNrys3ZchoyKLSabZ -qV+jUwUSrWeQcF4kqVeSTp5kPBxD2SotYHP1hBbKATamYMKN0Khj3v91mmACO+Ss -AY31Riej1mY05h58vU/VmZW10FFb/EMZMNJkIkZgc6u298PxVLpyC446X6uzLehs -V2EDgCAYUQW191j/7Z8kcWSfo96nqP7uHx/2fz2qlLCzAgMBAAGjUzBRMB0GA1Ud -DgQWBBQn5CyOO5LXQ60QRxTRaHZeFdNrVjAfBgNVHSMEGDAWgBQn5CyOO5LXQ60Q -RxTRaHZeFdNrVjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAq -hKN1jrogQLY7AtnUaXb7eKFwI7k9NR6BZeXmE+xGCz02sUHNpzjuwo2oRacDZHZY -oEuwEM+zzWGV4x6cKriNUJ0G9uJwfFkCBZfWaNhyZ+r+3DqL4pH5kCcbQ3ZM+Mfk -dBOr9BUs7q4yZHRngmsi5lff0K6GC/uKC8bd9AKNs9I11g7CnJL2arf/GlZJrvTg -Lk7H7MT65SsAeX2MhifWl0urb20PNjDooQaki3qtApCgrUaIAtTUAP9p3jf8H0RT -rkfoVBxQtTDZltA+xelilUHcmj7pM9105/U6n0hD4yRQgemqaeSCbEo4ST2zm0pE -B4mjbFam7oBWdXdEDF1p +MIIDGTCCAgGgAwIBAgIUY6kAA+U+ZPIJYIff8dlbi6NCzKswDQYJKoZIhvcNAQEL +BQAwFDESMBAGA1UEAwwJRXNwcmVzc2lmMB4XDTI1MDQwMjA1MjcwMloXDTM1MDMz +MTA1MjcwMlowFDESMBAGA1UEAwwJRXNwcmVzc2lmMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAwSY/p8zDP8W3f37xfL1jy/WcWVOOS2msWRyxjpXQM2e+ +66McSkn8mVKTW5/aZ96sFQbmBBuhp3ypopH+kBQHxK4kla6roEcN/Nx9wpC8X64l +U9EqPmOvcIG8HElEY05LzZ9Rzc4LIBREq/sM8FE5+YHO2za8rN2XIaMii0mm2alf +o1MFEq1nkHBeJKlXkk6eZDwcQ9kqLWBz9YQWygE2pmDCjdCoY97/dZpgAjvkrAGN +9UYno9ZmNOYefL1P1ZmVtdBRW/xDGTDSZCJGYHOrtvfD8VS6cguOOl+rsy3obFdh +A4AgGFEFtfdY/+2fJHFkn6Pep6j+7h8f9n89qpSwswIDAQABo2MwYTAdBgNVHQ4E +FgQUJ+QsjjuS10OtEEcU0Wh2XhXTa1YwHwYDVR0jBBgwFoAUJ+QsjjuS10OtEEcU +0Wh2XhXTa1YwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAoQwDQYJKoZI +hvcNAQELBQADggEBABKWpI+QdMYoDwyssIbfwpbqJxb5M1w3PLnMsPzg1d5aEqLh +zwN9EnEQ5TxfeC7Lxdv3hKEGtif/aVxBhs48wPSxD7Fuw17kX6P4l9Cu9Ro2+1Oy +0lUxHi61xXxf7zVkdPQ0JLXdSMUvSUuKfvBtHCwEfdC+lsamxIDmCJys69kDhsCM +VJzY8Yz4MA9WOY3Z2YYMRp6ryFBZ9UgSUEnFxSOpggymkcM5mNxod1jshvSJ3FDG +dmvfbmK0+dN3rCiooORsIYVbopAYxralavA9IY24oiULE+GyVt5pNSONmJ96Y7GK +dL72B8RxX+jUSzgu/N3D1DwbPHP/xRiI7EqaYvg= -----END CERTIFICATE----- diff --git a/tools/test_apps/protocols/mqtt/publish_connect_test/ca.der b/tools/test_apps/protocols/mqtt/publish_connect_test/ca.der index 3095392208..8f0d12006a 100644 Binary files a/tools/test_apps/protocols/mqtt/publish_connect_test/ca.der and b/tools/test_apps/protocols/mqtt/publish_connect_test/ca.der differ