Re: [dev] Certificate-based credential (DTLS fails to find cipher suite)

Thu, 10 Jan 2019 06:35:13 -0800 

Hi Aleksey ,

I am actually using the second configuration. In the client I have added
this which the server root trustca
           {
                "credid": 3,
                "subjectuuid": "*",
                "credtype": 8,
                "publicdata": {
                   "encoding": "oic.sec.encoding.der",
                   "data":
"308201ca3082016da00302010202147b9f928b0cf7012243be983c5c892eb7a5f3d8b5300c06082a8648ce3d04030205003040310b3009060355040613025553310c300a060355040a13034f4346312330210603550403131a44455620526f6f7420434120466f72204d666720536572766572301e170d3138303232323231313133375a170d3238303232323231313133375a3040310b3009060355040613025553310c300a060355040a13034f4346312330210603550403131a44455620526f6f7420434120466f72204d6667205365727665723059301306072a8648ce3d020106082a8648ce3d03010703420004e6fb0e47db7e1f2b2eed26261e1bd21e5db666519c9376e5d0e026469d56fa6eaac5199ca201f82fd49ac694e072699b9be749e39bd18ca9be70dfb14c82288ea3433041300c0603551d13040530030101ff300e0603551d0f0101ff04040302010630210603551d25041a3018060a2b0601040182de7c0106060a2b0601040182de7c0107300c06082a8648ce3d04030205000349003046022100a3d697f9cfe04483e29aae7bfd5f61b2bfe322ee838ecb75eb2975485275d491022100abc33276d6c6df073b868470959d6b2a0fc53a35bb7726625a7ce28b3e68f390",
                   "revstat": false
                },
                "credusage": "oic.sec.cred.trustca"
             }
and in the server I use the following which is the client root trustca
             {
                "credid": 3,
                "subjectuuid": "*",
                "credtype": 8,
                "publicdata": {
                   "encoding": "oic.sec.encoding.der",
                   "data":
"308201cc3082016fa003020102021467944d2fdb52be342eacbe332990f229771b0695300c06082a8648ce3d04030205003041310b3009060355040613025553310c300a060355040a13034f4346312430220603550403131b44455620526f6f7420434120466f722050726f7620436c69656e74301e170d3138303232323231303835325a170d3238303232323231303835325a3041310b3009060355040613025553310c300a060355040a13034f4346312430220603550403131b44455620526f6f7420434120466f722050726f7620436c69656e743059301306072a8648ce3d020106082a8648ce3d030107034200041e75544d42938a72c375b73d436ed4600824eee28295a253ff4fdd15a7c41ae96c07be2a3599fae987e039882ebf9ddb7bad000c66dd6145db05a00569643bb4a3433041300c0603551d13040530030101ff300e0603551d0f0101ff04040302010630210603551d25041a3018060a2b0601040182de7c0106060a2b0601040182de7c0107300c06082a8648ce3d04030205000349003046022100a9959d87f3ba6b9846c62804e83e209829de67349cbc1e4434132d677eeb94f2022100a01144a0e0b3f02f329025253c49c7f504763fb3351a6438fca1d2a3339ed321",
                   "revstat": false
                },
                "credusage": "oic.sec.cred.trustca"
      }
Will check again, probably they are reversed and will also try to generate
a chain from same root ca for both. This is a simpler case to start getting
things to work.

BR,

Khaled



On Thu, Jan 10, 2019 at 4:18 PM Aleksey Volkov <a.vol...@samsung.com> wrote:

> Hi Khaled,
>
>
>
> You used different rootca on the client and server devices, accordingly,
> you recived a certificate chain verification error.
>
> Please, use same rootca on both client and server, or just add each rootca
> to the opposite side credentials.
>
>
>
>
>
> *Best regards,*
>
> *Aleksey Volkov*
>
>
>
>
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.

View/Reply Online (#10142): 
https://lists.iotivity.org/g/iotivity-dev/message/10142
Mute This Topic: https://lists.iotivity.org/mt/28611921/21656
Group Owner: iotivity-dev+ow...@lists.iotivity.org
Unsubscribe: https://lists.iotivity.org/g/iotivity-dev/unsub  
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to