SARA-R4/N4 series-AT Commands Manual
UBX-17003787 - R09

19SSL/TLS
Page 203 of 307
19î™–î™–î™–î™–SSL/TLS
19.1î™–î™–î™–î™–Introduction
SSL/TLS provides a secure connection between two entities using TCP socket for communication (i.e. HTTP/
FTP server and HTTP/FTP client).
The SSL/TLS with digital certificates support provides different connection security aspects:
• Server authentication: use of the server certificate verification against a specific trusted certificate or a
trusted certificates list;
• Client authentication: use of the client certificate and the corresponding private key;
• Data security and integrity: data encryption and Hash Message Authentication Code (HMAC) generation.
The security aspects used in the current connection depend on the SSL/TLS configuration and features
supported by the communicating entities.
u-blox cellular modules support all the described aspects of SSL/TLS security protocol with these AT
commands:
• AT+USECMNG: import, removal, list and information retrieval of certificates or private keys;
• AT+USECPRF: configuration of USECMNG (u-blox SECurity MaNaGement) profiles used for an SSL/TLS
connection.
The USECMNG provides a default SSL/TLS profile which cannot be modified. The default USECMNG profile
provides the following SSL/TLS settings:
Setting Value Meaning
Certificates validation level Level 0 The server certificate will not be checked or verified.
Minimum SSL/TLS version Any The server can use any of the TLS1.0/TLS1.1/TLS1.2 versions for the
connection.
Cipher suite Automatic The cipher suite will be negotiated in the handshake process.
Trusted root certificate internal
name
"" (none) No certificate will be used for the server authentication.
Expected server host-name "" (none) No server host-name is expected.
Client certificate internal name "" (none) No client certificate will be used.
Client private key internal name "" (none) No client private key will be used.
SARA-R4 / SARA-N4
The default USECMNG profile does not provide the client certificate internal name and the client private
key internal name.
19.2î™–î™–î™–î™–SSL/TLS certificates and private keys manager
+USECMNG
+USECMNG
SARA-R410M-01B SARA-R410M-02B SARA-R410M-52B SARA-R412MModules
SARA-N4
Syntax PIN required Settings saved Can be aborted Response time Error referenceAttributes
full No No No - +CME Error
19.2.1î™–î™–î™–î™–Description
Manages the X.509 certificates and private keys with the following functionalities:
• Import of certificates and private keys
• List and information retrieval of imported certificates and private keys
• Removal of certificates and private keys
• MD5 calculation of imported certificate or private key
SARA-R4 / SARA-N4
The command accepts certificates and private keys in DER (Distinguished Encoding Rules) format only.
If the provided format is PEM, the imported certificate or private key will be invalid.
To Next Page
Loading...
Need help?
General
