
ssl:loadCertData

Cipher/SSL Core4 Lua Commands

SYNOPSIS

  1. ok, err, errcode = ssl:loadCertData(data)
  2. ok, err, errcode = ssl:loadCertFile(filename)
  3. info = ssl:getCertInfo()

DESCRIPTION

The local certificate is the identification of this machine. During connection, it is presented to the peer. The peer can then decide whether to accept or reject the connection.

The certificate data is public and does not need to be kept secret.

The system can load a certificate in X.509 PEM or BER format.

A local certificate goes together with a local RSA key pair; see ssl:loadKeyFile().

Loading a local certificate is completely optional. If no certificate is loaded, then none will be presented to the peer on a connection attempt. It is up to the peer to not accept connections without a proper certificate.

For web applications, typically only servers use a local certificate and private key.

The function ssl:loadCertData() loads the certificate from the data passed in a string variable.

The second function, ssl:loadCertFile(), instead loads the certificate directly from a file.

The query function ssl:getCertInfo() returns some basic information about the certificate.

RETURN VALUE

The loading functions ssl:loadCertData() and ssl:loadCertFile() return true on success.

In case of an error they return three values: nil, a string describing the error, and a negative error code from the underlying mbed TLS implementation.

The info function ssl:getCertInfo() returns a table with the following key/value pairs:

  valid_from   The earliest date that the certificate is valid
  valid_to     The latest date that the certificate is valid
  serial       The serial number of the certificate
  issuer       Information about the certificate issuer, see below
  subject      Information about the certificate subject, see below

The fields issuer and subject are nested tables with more information. The fields listed below may be present in the certificate; a table contains an entry only if the certificate actually has data of that kind. If the certificate has further data, the table may contain additional items. These extra items are listed with their hexadecimal tag code.

  CN   Common Name
  O    Organization
  OU   Organizational Unit
  L    Location
  S    State/Province
  C    Country
  R    Email address
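
EXAMPLE

The following is an added example, not code from the Core4 documentation. It handles the three-value error return of ssl:loadCertFile() and flattens the nested issuer and subject tables of ssl:getCertInfo() into one log line. The helper names, the mock object and all sample values are constructed, and the real `ssl` object is assumed to be created elsewhere.

```lua
-- Added example; `ssl` is assumed to be a Core4 SSL object created elsewhere.
local KNOWN = { "CN", "O", "OU", "L", "S", "C", "R" }
-- Render an issuer/subject table: documented keys first, then extra items.
local function formatName(name)
  local parts, seen, extra = {}, {}, {}
  for _, key in ipairs(KNOWN) do
    seen[key] = true
    if name[key] ~= nil then parts[#parts + 1] = key .. "=" .. tostring(name[key]) end
  end
  for key in pairs(name) do
    if not seen[key] then extra[#extra + 1] = key end
  end
  table.sort(extra, function(a, b) return tostring(a) < tostring(b) end)
  for _, key in ipairs(extra) do
    parts[#parts + 1] = tostring(key) .. "=" .. tostring(name[key])
  end
  return table.concat(parts, ", ")
end

-- Load the certificate; return a one-line summary, or nil plus an error message.
local function describeLocalCert(ssl, filename)
  local ok, err, errcode = ssl:loadCertFile(filename)
  if not ok then
    return nil, string.format("cannot load %s: %s (mbed TLS code %s)",
      filename, tostring(err), tostring(errcode))
  end
  local info = ssl:getCertInfo()
  if type(info) ~= "table" then -- defensive assumption, not documented behaviour
    return nil, "no certificate information available"
  end
  return string.format("serial=%s valid=%s..%s subject=[%s] issuer=[%s]",
    tostring(info.serial), tostring(info.valid_from), tostring(info.valid_to),
    formatName(info.subject or {}), formatName(info.issuer or {}))
end

-- Constructed stand-in for the real object so this runs in a stock Lua interpreter.
local mock = {
  loadCertFile = function(_, filename)
    if filename ~= "server.pem" then return nil, "constructed error", -1 end
    return true
  end,
  getCertInfo = function()
    return { serial = "01", valid_from = "constructed", valid_to = "constructed",
      subject = { CN = "device.example", O = "Example Org", ["0D"] = "extra item" },
      issuer = { CN = "Example CA", C = "XX" } }
  end,
}
print(describeLocalCert(mock, "server.pem"))
print(describeLocalCert(mock, "missing.pem"))
```

Logging the issuer and subject at startup makes it easy to confirm that the certificate presented to peers is the intended one.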

SEE ALSO