- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
- Home
- :
- 身份验证与安全
- :
- Smart Cards and Secure Element
- :
- Re: EdgeLock SE051: Retrieve inbuild certificate and key (or key reference)
EdgeLock SE051: Retrieve inbuild certificate and key (or key reference)
EdgeLock SE051: Retrieve inbuild certificate and key (or key reference)
07-15-2025
12:18 AM
942 次查看
mukeshkumar_pra
Contributor II
Hello,
In SE051, I am able to inject key and retrieve key reference of it, which is generated outside of it, but just now I come to know that SE051 has its own certificate and key which is build while manufacturing time and unique across the each SE051 chip.
I want to use these inbuild certificate and key for TLS mutual authentication, can anyone support me how can I retrieve inbuild certificate and key (or key reference)?
Thanks,
Mukesh Prajapati
5 回复数
07-15-2025
10:36 PM
925 次查看
mukeshkumar_pra
Contributor II
Hello @Kan_Li ,
Thanks for your reply. but it will not help me for my task.
My questions were,
- Does SE051 chip come with inbuild certificate and key which are injected while manufacturing time? if so than we do not need to inject any certificate and key, can be used same for our purpose.
- if SE051 comes with injected certificate and key, are they unique across chipset?
- Which are tools required to retrieve certificate and private key (or private key reference)?
Could you please help me with above questions.
Thanks,
Mukesh Prajapati
07-17-2025
12:42 AM
911 次查看
Please kindly have my comments as below:
- Does SE051 chip come with inbuild certificate and key which are injected while manufacturing time? if so than we do not need to inject any certificate and key, can be used same for our purpose. - Yes , SE051 comes with NXP provisioned certs and keys except SE051P2 which supports custom applet development instead. Please refer to https://www.nxp.com/docs/en/application-note/AN12973.pdf for more details.
- if SE051 comes with injected certificate and key, are they unique across chipset? - Yes, they are unique across chipset.
- Which are tools required to retrieve certificate and private key (or private key reference)? - Please kindly have my first answer.
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
07-20-2025
11:17 PM
861 次查看
mukeshkumar_pra
Contributor II
Hello @Kan_Li ,
Thanks for your reply,
Most of the queries are solved with your last reply but still some queries remain to be resolved.
You have mentioned that seTool will get private key reference from chip - that worked but se05x_GetCertificate - I could not test because it has not been compiled with my build set up and after checking I found that it will compile if I set "SSS_HAVE_HOSTCRYPTO_MBEDTLS: ON" but for my build set up we use "PTMW_HostCrypto=OPENSSL". could you please tell me how I can get se05x_GetCertificate compiled in my build setup.
Thanks,
Mukesh Prajapati
07-21-2025
02:25 AM
854 次查看
Hello @mukeshkumar_prajapati ,
This demo works with MbedTSL only, if you use openSSL instead, you may use the ssscli tool.
Please refer to SE-PLUG-TRUST-MW_04.07.00/simw-top/doc/cli-tool.html for more details.
Hope that helps,
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
07-15-2025
08:58 PM
935 次查看
There are demo/tools available for that purpose, please kindly refer to the following for details.
SE-PLUG-TRUST-MW_04.07.00/simw-top/doc/demos/se05x/se05x_GetCertificate/Readme.html
SE-PLUG-TRUST-MW_04.07.00/simw-top/doc/demos/se05x/seTool/Readme.html
Hope that helps,
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
