|
SARA-R4/N4 series - AT Commands ManualUBX-17003787 - R09 19 SSL/TLSPage 209 of 30719.3.4 Notes•TLS_RSA_WITH_AES_128_CBC_SHATLS_RSA_WITH_AES_128_CBC_SHA256TLS_RSA_WITH_AES_256_CBC_SHATLS_RSA_WITH_AES_256_CBC_SHA256TLS_RSA_WITH_3DES_EDE_CBC_SHATLS_PSK_WITH_AES_128_CBC_SHATLS_PSK_WITH_AES_256_CBC_SHATLS_PSK_WITH_3DES_EDE_CBC_SHATLS_RSA_PSK_WITH_AES_128_CBC_SHATLS_RSA_PSK_WITH_AES_256_CBC_SHATLS_RSA_PSK_WITH_3DES_EDE_CBC_SHATLS_PSK_WITH_AES_128_CBC_SHA256TLS_PSK_WITH_AES_256_CBC_SHA384TLS_RSA_PSK_WITH_AES_128_CBC_SHA256TLS_RSA_PSK_WITH_AES_256_CBC_SHA384SARA-R4 SARA-N4 * * * * * * * * * * * * * * *SARA-R410M-01B * * * * *Table 22: Cipher suite applicabilitySARA-R4 / SARA-N4• =7, 8, 9 and 10 are not supported.SARA-R410M-01B• The unique certificate validation level (=0) supported is the level 0 (no validation, val>=0).• The unique minimum SSL/TLS version (=1) supported is =0 (the server can useany version for the connection).19.4 AT+USECMNG command exampleCommand Response DescriptionStep 1: Import a trusted root certificate using the stream of byte similar to +UDWNFILEAT+USECMNG=0,0,"ThawteCA",1516> Start the data transfer using the stream ofbyte.PEM encoded trusted rootcertificate data.+USECMNG: 1,0,"ThawteCA","8ccadc0b22cef5be72ac411a11a8d812"OKInput PEM formatted trusted rootcertificate data bytes. Output MD5 hashstring of the stored trusted root certificateDER.Step 2: List all available certificates and private keysAT+USECMNG=3 CA, "ThawteCA","thawte Primary Root CA","2036/07/17"OKList all available certificates and privatekeys.Step 3: Set the security profile 2 validation level to trusted rootAT+USECPRF=2,0,1 OK Security profile 2 has the validation levelset to trusted root.Step 4: Set the security profile 2 trusted root certificate to the CA certificate imported as "ThawteCA"AT+USECPRF=2,3,"ThawteCA" OK Security profile 2 will use the CA certificateimported as "ThawteCA" for servercertificate validation.Step 5: Use the configured USECMNG profile 2 with the UHTTP applicationAT+UHTTP=0,1,"www.ssl_tls_test_server.com"OK Configure the UHTTP server name.AT+UHTTP=0,6,1,2 OK Enable the SSL/TLS for the UHTTP profile#0 and specify the SSL/TLS securityprofile 2.AT+UHTTPC=0,1,"/","https.resp" OK Execute the HTTP GET command.+UUHTTPCR: 0,1,1 HTTP GET URC response.
|
