ヘルプ
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Support of CDP/OCSP for SE050 certificates revocation

キャンセル
提案をオンにする
自動提案では、入力時に可能な一致が提案されるので検索結果を素早く絞り込むことができます。
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 
解決済み
ソリューションへジャンプ

Support of CDP/OCSP for SE050 certificates revocation

ソリューションへジャンプ
‎02-12-2023 05:43 PM
1,578件の閲覧回数
kei_odagiri
Contributor III

I have got a thing to get through about SE050 certificates revocation.

I have known the two intermediate CA was revoked due to receiving NXP's notification. According to the SE050 configurations (AN12436), the certificates named "Cloud Onboarding ECC, SE050C1/SE050C2" have been revoked. I have checked the leaf certificates which were extracted from SE050C1 and downloaded from NXP. These certs don't include the fields such as CPD, OCSP to manipulate certificate revocation. Actually, I tried making my device connect to AWS iot core with the leaf certificate, then it worked to connect to AWS iot core. At first I expected a behavior in which my device with the certificate will be rejected by AWS.

Questions:

1. Currently are you supporting CDP/OCSP server?

2. If not supported, I'd like to know how I can handle this intermediate CA revocation. Especially about connection authentication for cloud service.

Kei Odagiri

Atmark Techno,Inc.

0 件の賞賛
返信
1 解決策

ソリューションへジャンプ
‎02-13-2023 01:18 AM
1,551件の閲覧回数
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @kei_odagiri ,

 

No, we are not supporting CDP/OCSP server, but for your case, you may use other trusted certs inside the SE05x for AWS application, just as mentioned in https://www.nxp.com/docs/en/application-note/AN12404.pdf , the untrusted certs might still be ok with AWS but not recommended at all.

 

Hope that makes sense,

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

元の投稿で解決策を見る

0 件の賞賛
返信
2 返答(返信)

ソリューションへジャンプ
‎02-13-2023 01:18 AM
1,552件の閲覧回数
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @kei_odagiri ,

 

No, we are not supporting CDP/OCSP server, but for your case, you may use other trusted certs inside the SE05x for AWS application, just as mentioned in https://www.nxp.com/docs/en/application-note/AN12404.pdf , the untrusted certs might still be ok with AWS but not recommended at all.

 

Hope that makes sense,

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 件の賞賛
返信

ソリューションへジャンプ
‎02-13-2023 04:45 PM
1,541件の閲覧回数
kei_odagiri
Contributor III
Thank you.
0 件の賞賛
返信