Thales' cellular IoT products business is now part of Telit Cinterion, find out more.

You are here

Community > Forum > Global Discussion > restore to default ^SJMSEC: 1,0,1,0 mode

restore to default ^SJMSEC: 1,0,1,0 mode | Telit Cinterion IoT Developer Community

Like
0
4
esiflis's picture
esiflis

April 24, 2017 - 10:05am, 2909 views

Hello!

I was trying to set up ssl/tls on an EHS6 module, following the :

https://iot-developer.thalesgroup.com/tutorial/internet-services-ssltls

tutorial.

Everything was going flawless until the step

"install certs on server:

      You need to be able to ssh to the server without password. You can use ssh-keygen and ssh-copy-id for this."

At that point I retreated, and I wanted to try SSL connection without client certificate by installling only the public certificate (.der file exported form browser), as presented here:

https://iot-developer.thalesgroup.com/threads/esh6-not-working-ssl-config

But the problem is, that I cannot uninstall the previously installed certifiacets, to return to default certificate status:

at^sjmsec?

^SJMSEC: 1,0,1,0

Currently i get:

at^sjmsec?

^SJMSEC: 1,1,1,1

How can I undo the previously installed certificates?

Thank you in advance.

Endre

4
Comment
Log in or register to post comments
Bartłomiej Gemalto Moderator's picture
Bartłomiej Gema...
Apr 24 2017 - 1:57pm

Hello,

This is a nice and complex tutorial. But there is some Application Engineering’s test server used as example. So you'd have to have your own server because I expect that you don't have access to AE server.

There are commands in the Java User's Guide document for loading and deleting certificates from the module. You can generate command for a single certificate or to delete all. 

For example for untrusted mode:

java -jar jseccmd.jar -cmd DelAllHttpsCertificatesUntrusted >

DelAllHttpsCertificatesUntrusted.txt

java -jar jseccmd.jar -cmd DelHttpsClientCertificateUntrusted >

DelHttpsClientCertificateUntrusted.txt

Trusted mode:

java -jar jseccmd.jar -cmd DelAllHttpsCertificates

-imei 012345678901234 -alias operator

-storepass keystorepass -keypass keypass

-keystore ./se_customer.ks > DelAllHttpsCertificatesTrusted.txt

java -jar jseccmd.jar -cmd DelHttpsClientCertificate

-imei 012345678901234 -alias operator

-storepass keystorepass -keypass keypass

-keystore ./se_customer.ks > DelHttpsClientCertificateTrusted.txt

The result you need to send with the AT^SJMSEC command.

Regards,

Bartłomiej

esiflis's picture
esiflis
May 23 2017 - 2:10pm

Thank you for your response! 

jeromebaron's picture
jeromebaron
Mar 9 2018 - 9:38pm

Is there a way to ***** the keystore without the passwords?

Like, ***** the whole flash?

Bartłomiej Gemalto Moderator's picture
Bartłomiej Gema...
Mar 12 2018 - 12:11pm

Hello,

It's not possible.

As it's described in the Java user's Guide the private key is the central element of Java Security - if Java Security is activated and you lose the private key, the module is useless.

Best regards,

Bartłomiej