Hi Gregg. I am not using any new code. Just the code in ~/iotivity/examples/OCFSecure and also the code in and the code in resource/csdk/security/provisioning/sample. I just created new certificates/private keys and json files for a client and server. The certificates and json files work great for the provisioningclient and sampleserver_mfg. So, I don't have a bug in the certificate and their usage in the json files. My problem is if I get one client and one server which are pre-provisioned ad their json uses certificate chain based authentication, the secure DTLS is not established. I suspect that this is probably just the model. the server should be provisioned first with a certificate holding client after which it can provide access. But I am not sure why or if this interpretation is correct.
So, I will re-visit this and test the following: 1) non-provisioned sampleserver_mfg with proper certificate chain 2) provisioningclient with proper certificate chain provisions the sampleserver (I re-confirm 1 and 2 already work great either with sample code and certificates and also using my newly created certificates) 3) Third client with proper certificates chain accesses the sampleserver_mfg resources. I have a feeling this will work. Will let you guys know tomorrow. I generate the certificates and keys using the utility certgenerator that also comes with the provisioning code. It is a very straight-forward tool. Then I process the output further with openssl to put the certificates in DER format to fill the JSON files. Let me know if there is anything else you need to restart on this. BR, Khaled On Thu, Dec 27, 2018 at 10:40 PM Gregg Reynolds <d...@mobileink.com> wrote: > > > On Mon, Dec 10, 2018, 1:02 AM Khaled Elsayed <khaledi...@gmail.com wrote: > >> Hi Gregg, >> >> No unfortunately. I will have a second look today but If I could not, I >> will proceed using the non-certificate based shared key credential >> supporting a limited number of clients for the time being >> > > Do you have any code you can share? I'm gearing up to work on this sorta > stuff in January. > > G > >> _._,_ >> >>> -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#10108): https://lists.iotivity.org/g/iotivity-dev/message/10108 Mute This Topic: https://lists.iotivity.org/mt/28611921/21656 Group Owner: iotivity-dev+ow...@lists.iotivity.org Unsubscribe: https://lists.iotivity.org/g/iotivity-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
