5.8.2. Building a self-signed certificate

This demo is to demonstrate how we can use provisioned keys to create a self-signed certificate to communicate with cloud platforms. In this example, we use two binaries, one to generate a keypair inside the secure element and another to use the generated keypair to create a self-signed certificate.

Note

We use OpenSSL in this example to create the certificate.

5.8.2.1. How to use

  1. Run the binary generate_certificate_key to generate an ECC-256 keypair inside the secure element.

  2. Run the binary generate_certificate to create a self-signed certificate. This demo provisions the the generated certificate into the secure element.

  3. You can read-out the certificate using SSS-APIs from keyId CERTIFICATE_KEY_ID + 1 as defined in certificate.h file.