Hello community.
I try to generate SRK table.bin and fuse.bin file in ahab/introduction_ahab.txt
First, generate .pem files by ahab_pki_tree.sh script in section 2.
Next, run srktool with generated SRKx_sha384_secp384r1_v3_usr_key.pem files.
But srktool return rad error as following.
$ srktool -a -s sha384 -t SRK_1_2_3_4_table.bin -e SRK_1_2_3_4_fuse.bin -f 1 -c SRK1_sha384_secp384r1_v3_usr_key.pem,SRK2_sha384_secp384r1_v3_usr_key.pem,SRK3_sha384_secp384r1_v3_usr_key.pem,SRK4_sha384_secp384r1_v3_usr_key.pem
[ERROR] SRKTOOL: Error! Failed to read certificate data from SRK1_sha384_secp384r1_v3_usr_key.pem
In document introduction_ahab.txt or others.
It seems that X.509v3 certificate filenames is SRKx_xxxx_usr_crt.pem not SRKx_xxxx_usr_key.pem.
Is it need some more operate to generate xxxx_usr_crt.pem file?
cst tool is used cst-3.3.1.
Best regards,
Ishii.
Solved! Go to Solution.
It seems that X.509v3 certificate filenames is SRKx_xxxx_usr_crt.pem not SRKx_xxxx_usr_key.pem.
-->Yes, you need check your step about generating .pem file.
Hello Qmiller,
Thank you for your reply.
It worked fine if I used ”cst-3.3.1/crts/SRKx_xxxx_usr_crt.pem” instead of "cst-3.3.1/keys/SRKx_xxxx_usr_key.pem" files.
Best regards,
Ishii.
It seems that X.509v3 certificate filenames is SRKx_xxxx_usr_crt.pem not SRKx_xxxx_usr_key.pem.
-->Yes, you need check your step about generating .pem file.