Technical information

Secure Socket Protocol Theory of Operation

2-96 AT+i Commands Reference Manual May 31, 2008

Creating a Certificate Authority

The certificate generated using the following steps can be used in deployed systems, in which you

are the trusted authority. Users of these certificates can be confident of your identity. For

example, W24 devices communicating with servers that are setup and configured by the device

vendor can secure their communications using certificates signed by the vendor-created

Certificate Authority.

In order to store the files to be generated, create a new directory named testCA.

Open a command will (on Windows, enter cmd in the Start > Run dialog box), change the

command shell's working directory to testCA and follow these instructions:

Creating the CA Environment

The creation of a CA produces several files that must be preserved throughout the lifecycle of the

CA. You can sign an unlimited number of certificates using a single CA. These files are written to

each time you sign a certificate.

1. Under the testCA directory create sub-directories certs and private.

2. Create a new file named serial. In this file enter the numerals '01' and save the file.

3. Create an empty file named index.txt.

Creating the Test CA Configuration File

Whereas you can enter all configuration information in a command line, creating a configuration

file makes these steps easier to reproduce and allows you to save the options used to create a CA.

1. Create a new file named CAcnf.ca using a text editor of your choice.

2. Add the following basic CA configuration information:

[ ca ]

default_ca = CA_default

[ CA_default ]

dir = /testCA

certificate = $dir/cacert.pem

database = $dir/index.txt

new_certs_dir = $dir/certs

private_key = $dir/private/caprivkey.pem

serial = $dir/serial

default_crl_days = 7

default_days = 365

default_md = md5

policy = CA_default_policy