Zephyr includes the open-source MCUboot bootloader as a module, and makes it easy to use as a bootloader for Zephyr applications.  A Zephyr app can be easily built to load with MCUboot.  Zephyr uses a tool called Sysbuild that also enables building the MCUboot bootloader and Zephyr app with the same build command.  To use Sysbuild with CLI, see Building a sample with MCUboot and Sysbuild.  A more advanced use-case is  MCUboot RAM Loading with Zephyr. This guide uses NXP's MCUXpresso extension for VS Code to build a sample app with MCUboot.  To get started with VS Code, see the Zephyr Knowledge Hub.  Basic knowledge of using VS Code to import and build applications is required before following these steps. To get started, import the Zephyr application into VS Code.  This example uses the hello_world sample: To enable Sysbuild for this project, start in the Projects view, right-click on the project, click the Configure menu, and click "Set Sysbuild".   A pop-up appears in the center of the top of the VS Code window.  Select the Enable option. To learn more, see Configuring Sysbuild in VS Code.   We also want to configure the app to build for MCUboot by setting the Cmake variable SB_CONFIG_BOOTLOADER_MCUBOOT=y.  To configure Cmake variables, Expand the project, and expand the Build Configurations.  Select the build configuration to edit, and click the pencil icon on the right.  Here we are editing the default "debug" configuration for the hello_world project.   In the field CMake Extra Args, add SB_CONFIG_BOOTLOADER_MCUBOOT="y" .  To learn more, see Cmake Variables in VS Code.   To build the project, right-click the project and select Pristine Build.  This builds two images: one for MCUboot, and another for the app hello_world. Debugging the app will not program the MCUboot image to the flash.  But we can flash either image to the board using VS Code.  In the Projects view, right-click the project and select Flash the Selected Target.   In the pop-up at the top of the window, select the zephyr.hex file in Domain: mcuboot.  VS Code will flash that zephyr.hex file to the board.   Now you we can debug or flash the app.  When the board boots, it prints similar to below.  This shows MCUboot boots first, finds the app image in slot0, and jumps to the hello_world app. *** Using Zephyr OS build v4.1.0-2827-gb0bf73a18c3c *** I: Starting bootloader I: Image index: 0, Swap type: none I: Bootloader chainload address offset: 0x14000 I: Image version: v0.0.0 I: Jumping to the first image slot *** Booting Zephyr OS build v4.1.0-2827-gb0bf73a18c3c *** Hello World! frdm_mcxn947/mcxn947/cpu0  

This article details using MCUboot's RAM Loading feature with Zephyr on an NXP i.MX RT microcontroller.  MCUboot is a popular open-source bootloader that easily integrates with Zephyr applications.  Using the RAM Load feature, the bootloader will find a valid image in flash, copy it to RAM, and jump to the app in RAM.  Therefore, the Zephyr app must be built to execute from the RAM region, but write the image to flash. These steps leverage Zephyr's Sysbuild system, which simplifies managing multiple images like this MCUboot bootloader and the application.  There are two examples provided that load the blinky sample to RAM: one loading to external SDRAM, and one loading to internal DTCM. Recommended Reading This article delves into the use of MCUboot, Sysbuild, memory maps, and RAM loading. If these topics are new to you, we recommend reviewing the following resources to build a solid foundation before exploring the details within this document. Sysbuild with MCUboot AN12437 i.MX RT Series Performance Optimization AN13970 RT Series Memory Relocation in Zephyr SW/HW Requirements Zephyr is very portable and these steps will help on other hardware platforms with simple tweaks.  But these steps were tested with the following: Zephyr v4.2 Zephyr SDK v0.17.2 MIMXRT1060-EVKC board using the default QSPI external flash.  The Zephyr build target is  mimxrt1060_evk@C//qspi . RT1060 Memory Map  The table below details the memory maps used in these examples.  Starting with the RT1060 default memory map in Zephyr v4.2, this is the address map if no changes are made, and RAM Loading is not used.  The partition map in the QSPI flash are common for MCUboot and the app, since all images must be stored in separate address ranges.  And this partition map is not changed in these examples.   zephyr,flash  and  zephyr,sram  are devicetree chosen nodes, and tell the linker where to place code/data in the memory map.   zephyr,flash  includes the executable code and read-only data, which are typically placed in flash, but these examples place in RAM.   zephyr,sram  is where the linker places writable data like the .data and .bss sections.  These examples modify the  zephyr,sram  location, and keep  zephyr,sram  of MCUboot and the app in different address ranges to avoid contention during the RAM loading. Region v4.2 Default SDRAM example DTCM example blinky zephyr,flash (code and rodata) slot0_partition 0x6002_0000 SDRAM 0x8000_0000 DTCM 0x2000_0000 blinky zephyr,sram (rwdata) SDRAM 0x8000_0000 SDRAM 0x8000_0000 DTCM 0x2000_0000 MCUboot zephyr,sram (rwdata) SDRAM 0x8000_0000 DTCM 0x2000_0000 SDRAM 0x8000_0000 FlexSPI QSPI flash (non-volatile boot mem) 0x6000_0000     boot_partition (for bootloader) 0x6000_0000     slot0_partition (for app image) 0x6002_0000     slot1_partition (for app image) 0x6032_0000       RAM Loading to SDRAM The attached ramload_sdram.patch applied to the Zephyr v4.2 repo will modify the blinky sample to be loaded to SDRAM by MCUboot. Note that NXP's i.MX RT development boards that include external SDRAM, like the MIMXRT1060-EVK, use SDRAM for the default  zephyr,sram  node.  The SDRAM is enabled and configured by the ROM bootloader before that bootloader boots any application, including the MCUboot secondary bootloader.  This configuration enables a Zephyr app to access the SDRAM immediately after booting.  The ROM bootloader is configured to do this by the DCD stored in flash with the boot image, see Memory details with Zephyr for more details.  Therefore, when MCUboot is used with SDRAM, the DCD is required in the MCUboot image. The sections below detail the changes made to MCUboot, the blinky sample, and to both domains using Sysbuild.  All these files are located in the repo folder samples/basic/blinky. Sysbuild changes for both domains The file sysbuild.conf is added to the app to configure Sysbuild for MCUboot.  This also enables the RAM Load feature used in building both MCUboot and the app. SB_CONFIG_BOOTLOADER_MCUBOOT=y SB_CONFIG_MCUBOOT_MODE_RAM_LOAD=y   MCUboot changes The file sysbuild/mcuboot.conf configures the MCUboot domain.  MCUboot will load the image stored in the slot partition to this address, which is the base address for SDRAM.  The RAM_SIZE is used during the copy, and should be scaled as needed. CONFIG_BOOT_IMAGE_EXECUTABLE_RAM_START=0x80000000 CONFIG_BOOT_IMAGE_EXECUTABLE_RAM_SIZE=131072 The file sysbuild/mcuboot.overlay modifies the devicetree for this bootloader.  Since MCUboot will load the app to SDRAM, the  zephyr,sram  node is moved to DTCM to avoid overwriting any MCUboot data.  The  zephyr,code-partition  node tells the linker to place the MCUboot bootloader code in the   boot_partition  in the flash. / {     chosen {         zephyr,sram = &dtcm; zephyr,code-partition = &boot_partition; }; };   Application changes The file boards/mimxrt1060_evk_mimxrt1062_qspi_C.overlay modifies the devicetree for this app, and places the executable code in SDRAM, to be loaded by MCUboot. / { chosen { zephyr,flash = &sdram0; }; };   The file boards/mimxrt1060_evk_mimxrt1062_qspi_C.conf adjusts the address used when programming the blinky signed image binary to flash.  Since the  zephyr,flash  node is placed in SDRAM, normally the "west flash" command would try to program the binary to 0x8000_0000, the base address of the SDRAM.  This Kconfig selects the address of the  slot0_partition  to store the blinky image in flash. CONFIG_FLASH_BASE_ADDRESS=0x60020000   Build and flash These steps use the Command Line Interface (CLI) to build and flash.  Another option is to use VS Code with NXP's MCUXpresso extension, see Zephyr app with MCUboot in VS Code. This build command uses Sysbuild to build both images for MCUboot and the blinky app.  This creates the folder ramload_blinky with all the generated files for both domains, which is used to flash the board. west build -b mimxrt1060_evk@C//qspi samples/basic/blinky -d ../../ramload_blinky --sysbuild --pristine This flash command uses Sysbuild to flash both images to the board, first the MCUboot image, then the signed blinky app image.  This example specifies using the JLink debug probe, or LinkServer is another option. west -v flash -d ../../ramload_blinky/ -r jlink   Console output from SDRAM Connect a terminal to the debug console.  After flashing, the LED will blink and the RT1060 will boot and print like this: *** Booting MCUboot v2.1.0-rc1-389-g4eba8087fa60 *** *** Using Zephyr OS build v4.2.0 *** I: Starting bootloader I: Primary slot: version=0.0.0+0 I: Image 0 Secondary slot: Image not found I: Image 0 RAM loading to 0x80000000 is succeeded. I: Image 0 loaded from the primary slot I: Bootloader chainload address offset: 0x80000000 I: Image version: v0.0.0 I: Jumping to the first image slot *** Booting Zephyr OS build v4.2.0 *** LED state: OFF LED state: ON   RAM Loading to DTCM The attached ramload_dtcm.patch modifies the repo to load the blinky sample to DTCM.  The patch is very similar to the SDRAM patch detailed above.  The same build and flash steps are used for this patch.  The console output is also very similar, but shows the difference in the load address: *** Booting MCUboot v2.1.0-rc1-389-g4eba8087fa60 *** *** Using Zephyr OS build v4.2.0 *** I: Starting bootloader I: Primary slot: version=0.0.0+0 I: Image 0 Secondary slot: Image not found I: Image 0 RAM loading to 0x20000000 is succeeded. I: Image 0 loaded from the primary slot I: Bootloader chainload address offset: 0x20000000 I: Image version: v0.0.0 I: Jumping to the first image slot *** Booting Zephyr OS build v4.2.0 *** LED state: OFF LED state: ON   Notes Working on this, I ran into some issues using other memory map options.  It seems there are some limitations with the imgtool settings with  CONFIG_MCUBOOT_BOOTLOADER_MODE_RAM_LOAD=y  .  The Zephyr code base seems to make some assumptions about where in RAM the image will be loaded.  For example, when using RAM Load, the imgtool utility must be called with the argument  --load-addr  and the address in RAM, which configures the boot header when signing the application image.  But this Cmake file assumes the load address is the base of the  zephyr,sram  node.  For that reason, the examples provided here place the  zephyr,sram  and  zephyr,flash  nodes for blinky in the same RAM.  Separating these nodes to different RAMs caused issues for me.  If more flexibility is required, one potential option is to modify the app's Cmake file using the needed imgtool settings to generate the needed signed binary for RAM Load.  Imgtool can also be called manually if needed.

If you have any questions or issues related to these resources, please Ask a new question, and the NXP support team can address it there. Most of NXP's contributions to Zephyr occur in the upstream repository at https://github.com/zephyrproject-rtos/zephyr .  Zephyr support is enabled by boards, see the upstream supported boards for the latest list of boards.  Each board has a board document, which includes a Supported Features table of all the features currently supported on that board.  For example, this is the upstream FRDM-MCXN947 board page. NXP also provides a downstream ecosystem called the Zephyr Software Developement Kit (ZSDK).  Some devices/boards have additional support in the NXP ZSDK.  To review the NXP ZSDK support, see the release notes.  To learn more, see Introduction to ZSDK Downstream and ZSDK Getting Started. Connectivity Devices: For Wi-Fi and Bluetooth, the NXP ZSDK includes additional release notes.  This link is for the ZSDK release nxp-v4.1.0, and the bottom of the page links to the document "wireless-soc-features-and-release-notes-zephyr.pdf".  Refer to the latest release tag for the lastest documents.

NXP’s Hardware Abstraction Layer (HAL) is based on the MCUXpresso SDK drivers.  To learn more, see the blog Zephyr Software Code Reuse with NXP MCUXpresso SDK.  Most Zephyr users want to use the Zephyr driver APIs in their application for portability.  But if a Zephyr driver is not supported on a platform, or if there is no Zephyr driver for a hardware peripheral, another option is to use the MCUXpresso SDK driver directly in the application.  This article provides details, using the PUF driver as an example on the LPC55S69. NXP had a major update to the MCUXpresso SDK in v24.12 that restructured the SDK.  This new HAL was added in Zephyr after the Zephyr v4.1 release, in this Pull Request.  This article focuses on using drivers in this latest HAL.  For older versions of Zephyr, or if using an older SOC that is not supported in this latest HAL, see this older post.   HAL drivers with Zephyr support are included in an app using devicetree and Kconfig.  To include other drivers not managed by Zephyr, simply add a line in the application's CMakeLists.txt file enabling that driver.  The first line shown below instructs Cmake to include the PUF driver by setting the variable  CONFIG_MCUX_COMPONENT_driver.puf .  Note: be sure to set these variables before the find_package(Zephyr ...) line. set(CONFIG_MCUX_COMPONENT_driver.puf ON) find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE})   With the driver included in the build, the driver APIs can be used in the application.  This is a simple app using a PUF driver API: #include <fsl_puf.h> int main(void) { puf_config_t conf; PUF_GetDefaultConfig(&conf); return 0; }   To find the name of the Cmake variable to use for a driver, look in the mcuxsdk-core repo.   This is the Kconfig file for the PUF driver, and it defines the Kconfig symbol named MCUX_HAS_COMPONENT_driver.puf.  Add the CONFIG_ prefix to get the final symbol name CONFIG_MCUX_HAS_COMPONENT_driver.puf .

These steps walk through building the Zephyr TF-M sample with PSA crypto for the FRDM-RW612 board using NXP's downstream Zephyr release.  This uses the v4.0.0 release.  Steps below are provided using CLI or the MCUXpresso extension for VS Code. Before starting, import/clone the downstream ZSDK repo at https://github.com/nxp-zephyr/nxp-zephyr using the release tag nxp-v4.0.0 .  These steps are using the JLink debug probe. Building and Flashing with CLI The TF-M samples use the non-secure (NS) board variant when building.  Build with this command below (this builds with LOTS of warnings): west build -b frdm_rw612//ns samples/tfm_integration/psa_crypto/ --pristine The build generates a file that merges both images into a HEX file named tfm_merged.hex.  The command below programs this HEX file to the board: west flash See below for the console output printed from this demo Reprogramming the flash in ISP mode Once this image is programmed in the flash, it interferes with the JLink debug probe, and reflashing the board will fail.  A simple workaround is to force the MCU in ISP mode at boot.  In ISP mode, the app firmware does not execute, and the JLink can erase and update the flash.   To enter ISP mode on the FRDM-RW612 board, hold down the ISP button SW3.  Then press and release the Reset button SW1.  The MCU is now in ISP mode and can be reflashed. VS Code: Build, Program, and Debug The current release of the MCUXpresso extension for VS Code is the prerelease of v24.11.51.  This release does not yet support out-of-tree boards, and will not provide the option to import the application for the NS board variant.  These steps will import for the default FRDM-RW612 variant, and then modify the VS Code file to use the NS variant. In VS Code, use the MCUXpresso Quickstart panel to Import Example from Repository. Select the board FRDM_RW612, and the template tfm_integration/psa_crypto.   Before building, the project needs to be modified to use the NS board variant.  Open the file CMakePresets.json:   Modify the board name to frdm_rw612//ns for the NS variant.  Save the file.   Build the project in VS Code.  This build has LOTS of warnings. The debugger is not aware that the tfm_merged.hex file is used to program the flash.  This file must first be programmed to the flash before using the debugger.  In the VS Quickstart Panel, launch the Flash Programmer, and select the Segger probe type to use with JLink.  Select the psa_crypto project, the PROGRAM tab, and browse to the tfm_merged.hex file generated in the sample build folder.  Then click Run.  This programs the firmware image to flash.   The app will now boot and run, and print the console output shown in the section below.  To reprogram the flash, see the ISP section above. With the image programmed in flash, VS Code can now debug the application.  Launch the VS Code debugger.  Once connected, you may need to click the Restart button to properly connect and halt at main().     Console output Once the board is programmed, the app will print the following: Booting TF-M v2.1.1 [WRN] This device was provisioned with dummy keys. This device is NOT SECURE [Sec Thread] Secure image initializing! [INF][PS] Encryption alg: 0x5500200 [INF][Crypto] Provision entropy seed... [INF][Crypto] Provision entropy seed... complete. *** Booting Zephyr OS build nxp-v4.0.0 *** [00:18:23.434,135] <inf> app: att: System IAT size is: 367 bytes. [00:18:23.434,145] <inf> app: att: Requesting IAT with 64 byte challenge. [00:18:23.439,264] <inf> app: att: IAT data received: 367 bytes. 0 1 2 3 4 5 6 7 8 9 A B C D E F 00000000 D2 84 43 A1 01 26 A0 59 01 23 AA 3A 00 01 24 FF ..C..&.Y.#.:..$. 00000010 58 40 00 11 22 33 44 55 66 77 88 99 AA BB CC DD X@.."3DUfw...... 00000020 EE FF 00 11 22 33 44 55 66 77 88 99 AA BB CC DD ...."3DUfw...... 00000030 EE FF 00 11 22 33 44 55 66 77 88 99 AA BB CC DD ...."3DUfw...... 00000040 EE FF 00 11 22 33 44 55 66 77 88 99 AA BB CC DD ...."3DUfw...... 00000050 EE FF 3A 00 01 24 FB 58 20 A0 A1 A2 A3 A4 A5 A6 ..:..$.X ....... 00000060 A7 A8 A9 AA AB AC AD AE AF B0 B1 B2 B3 B4 B5 B6 ................ 00000070 B7 B8 B9 BA BB BC BD BE BF 3A 00 01 25 00 58 21 .........:..%.X! 00000080 01 D1 C4 11 B1 5F 2D F0 38 6A A3 00 6A 74 D6 B4 ....._-.8j..jt.. 00000090 4A EA DE 02 56 0A E8 DB 67 F0 75 2C B4 75 21 F5 J...V...g.u,.u!. 000000A0 A1 3A 00 01 24 FA 58 20 AA AA AA AA AA AA AA AA .:..$.X ........ 000000B0 BB BB BB BB BB BB BB BB CC CC CC CC CC CC CC CC ................ 000000C0 DD DD DD DD DD DD DD DD 3A 00 01 24 F8 3A 3B FF ........:..$.:;. 000000D0 FF FF 3A 00 01 24 F9 19 30 00 3A 00 01 24 FE 01 ..:..$..0.:..$.. 000000E0 3A 00 01 24 F7 71 50 53 41 5F 49 4F 54 5F 50 52 :..$.qPSA_IOT_PR 000000F0 4F 46 49 4C 45 5F 31 3A 00 01 25 01 77 77 77 77 OFILE_1:..%.wwww 00000100 2E 74 72 75 73 74 65 64 66 69 72 6D 77 61 72 65 .trustedfirmware 00000110 2E 6F 72 67 3A 00 01 24 FC 73 30 36 30 34 35 36 .org:..$.s060456 00000120 35 32 37 32 38 32 39 2D 31 30 30 31 30 58 40 7D 5272829-10010X@} 00000130 BF CA 23 43 CA 0F E7 45 53 C9 75 83 F0 EA 33 C8 ..#C...ES.u...3. 00000140 37 B9 35 5F 21 C7 C3 B3 2F 16 7A 91 94 CA 8D 13 7.5_!.../.z..... 00000150 2A 01 84 E7 C6 82 69 97 86 0C 7A 1C BD 98 9F 88 *.....i...z..... 00000160 A9 EA AB 0F DB F9 1D 9D C8 EE 5D D6 77 93 AF ..........].w.. [00:18:23.620,682] <inf> app: Persisting SECP256R1 key as #1 [00:18:23.635,930] <err> app: Already exists [00:18:23.636,006] <err> app: Function: 'crp_gen_key_secp256r1' [00:18:23.636,011] <err> app: Failed to generate key. [00:18:23.653,441] <inf> app: Calculating SHA-256 hash of value 0 1 2 3 4 5 6 7 8 9 A B C D E F 00000000 50 6C 65 61 73 65 20 68 61 73 68 20 61 6E 64 20 Please hash and 00000010 73 69 67 6E 20 74 68 69 73 20 6D 65 73 73 61 67 sign this messag 00000020 65 2E e. 0 1 2 3 4 5 6 7 8 9 A B C D E F 00000000 9D 08 E3 E6 DB 1C 12 39 C0 9B 9A 83 84 83 72 7A .......9......rz 00000010 EA 96 9E 1D 13 72 1E 4D 35 75 CC D4 C8 01 41 9C .....r.M5u....A. [00:18:23.702,711] <inf> app: Signing SHA-256 hash 0 1 2 3 4 5 6 7 8 9 A B C D E F 00000000 15 A3 E4 C2 AF 1B D2 AF 28 31 2C 42 9B A6 41 06 ........(1,B..A. 00000010 13 B4 45 E7 5D A9 A2 1D 2A 82 72 78 A3 B7 57 5A ..E.]...*.rx..WZ 00000020 A5 81 F8 66 76 F0 DB 46 E2 67 2E 55 0A A7 F8 55 ...fv..F.g.U...U 00000030 13 F1 74 1C C9 05 36 AF 97 4B E1 8E 29 8B 86 0A ..t...6..K..)... [00:18:23.749,169] <inf> app: Verifying signature for SHA-256 hash [00:18:23.771,732] <inf> app: Signature verified. [00:18:23.911,110] <inf> app: Destroyed persistent key #1 [00:18:23.917,526] <inf> app: Generating 256 bytes of random data. 0 1 2 3 4 5 6 7 8 9 A B C D E F 00000000 BB C4 36 83 E4 85 A1 90 C8 F5 43 E1 7D 70 FA 7E ..6.......C.}p.~ 00000010 2F 84 A2 98 F5 9E FB 9B F6 6F B1 FB 1C 4C 49 2D /........o...LI- 00000020 5C A0 24 3C A5 47 87 EA 6F B7 31 AA 07 53 59 89 \.$<.G..o.1..SY. 00000030 6E 7A FF 5B C3 FA B1 33 3D 67 08 F4 36 8F D2 96 nz.[...3=g..6... 00000040 BE 36 C6 36 84 C2 53 54 76 30 92 8F F6 AF 74 5A .6.6..STv0....tZ 00000050 63 4D 8F 64 ED 55 F9 5A 64 DC EF F1 44 69 78 45 cM.d.U.Zd...DixE 00000060 05 A3 70 AD 20 78 59 85 A2 FD 5F 05 08 6D 5A 80 ..p. xY..._..mZ. 00000070 19 16 52 9C EC C1 C8 EC FD 1B 4B 1E 1E 6C 7A 7F ..R.......K..lz. 00000080 D4 83 74 17 BC D5 76 08 D7 55 35 75 5E 07 DE 50 ..t...v..U5u^..P 00000090 11 0E 38 19 79 27 BB 42 B0 32 67 FC FE 18 10 0F ..8.y'.B.2g..... 000000A0 09 55 A3 6A B0 34 22 4C 23 24 DF 14 87 F1 1C 48 .U.j.4"L#$.....H 000000B0 0F 1E 75 A5 B4 C2 B4 D5 68 EB 8A D9 EE 92 FE 0D ..u.....h....... 000000C0 09 FC 1D 39 F1 A0 79 E0 01 BF C0 D7 F5 94 3A 17 ...9..y.......:. 000000D0 8F 83 39 E0 33 BA 82 C3 65 7C C0 D4 82 D5 56 5B ..9.3...e|....V[ 000000E0 44 C9 61 BC 75 58 3D 1D 6F B2 BB EE 2B 8C 97 E2 D.a.uX=.o...+... 000000F0 12 57 EA BF 0A FE 6E AA FF 03 D4 C6 0B 74 12 23 .W....n......t.# [00:18:24.035,192] <inf> app: Initialising PSA crypto [00:18:24.040,673] <inf> app: PSA crypto init completed [00:18:24.046,396] <inf> app: Persisting SECP256R1 key as #1 [00:18:24.193,132] <inf> app: Retrieving public key for key #1 0 1 2 3 4 5 6 7 8 9 A B C D E F 00000000 04 7B C3 8E 36 E3 11 88 C1 4E 36 4C 9E 37 41 3A .{..6....N6L.7A: 00000010 0B 1A 59 2E 2A AA C4 B6 FD E5 16 62 75 27 C7 49 ..Y.*......bu'.I 00000020 EA FC 9B 7A 06 9D 4A 1A F0 F8 18 C4 6D E1 DC FE ...z..J.....m... 00000030 52 59 EE 55 7F 38 83 CC CF 15 63 2B 16 CA 79 DA RY.U.8....c+..y. 00000040 7B { [00:18:24.245,819] <inf> app: Adding subject name to CSR [00:18:24.251,632] <inf> app: Adding subject name to CSR completed [00:18:24.258,199] <inf> app: Adding EC key to PK container [00:18:24.264,362] <inf> app: Adding EC key to PK container completed [00:18:24.271,223] <inf> app: Create device Certificate Signing Request [00:18:24.296,971] <inf> app: Create device Certificate Signing Request completd [00:18:24.304,898] <inf> app: Certificate Signing Request: -----BEGIN CERTIFICATE REQUEST----- MIHpMIGQAgEAMC4xDzANBgNVBAoMBkxpbmFybzEbMBkGA1UEAwwSRGV2aWNlIENl cnRpZmljYXRlMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEe8OONuMRiMFONkye N0E6CxpZLiqqxLb95RZidSfHSer8m3oGnUoa8PgYxG3h3P5SWe5VfziDzM8VYysW ynnae6AAMAoGCCqGSM49BAMCA0gAMEUCIQC9LqdaYIJqBw4Pvqyd5vrYnUmjLFhY LidxcY0g8x4LyAIgLUUnRyBduyCFFUl0RaXHrUbDarPLk35XO5kBnJxDfFQ= -----END CERTIFICATE REQUEST----- [00:18:24.346,162] <inf> app: Encoding CSR as json [00:18:24.351,600] <inf> app: Encoding CSR as json completed [00:18:24.357,605] <inf> app: Certificate Signing Request in JSON: {"CSR":"-----BEGIN CERTIFICATE REQUEST-----\nMIHpMIGQAgEAMC4xDzANBgNVBAoMBkxpbm} [00:18:24.400,811] <inf> app: Done.