Gemalto is now part of the Thales Group, find out more.

You are here

Simple socket TLS connection with client authentication | Thales IoT Developer Community

March 22, 2018 - 3:04pm, 1533 views

Hi,

I am trying to set up a socket TCP connection with TLS and Server authentication using the BGS2-W in an embedded environment.

I have tried to use AN62 v4.0 as a reference, but there are a number of differences I am trying to work round.

First question: To support TLS1.2 with ciphers better than the four listed in the table in AN62, do I need to use the java midlet? I want to try and avoid having to load a midlet.

Second question: AN62 and the java tools seem to suggest I always need a "Keystore" and a Client certificate and Client key. If I just want to use Server authentication, I should only need to load the Root public Certificate into the modem. I don't understand what the keystore and client certificate is for.

Third question: AN62 says there must be a Client certificate loaded into index 0 before anything else can be done. Why is this, and how can I avoid it. I cannot currently create different certificates for each client I have.

Am I going about this all the wrong way?

Thanks.

Ed.