FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Support of CDP/OCSP for SE050 certificates revocation

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Jump to solution

Support of CDP/OCSP for SE050 certificates revocation

Jump to solution
‎02-12-2023 05:43 PM
548 Views
kei_odagiri
Contributor III

I have got a thing to get through about SE050 certificates revocation.

I have known the two intermediate CA was revoked due to receiving NXP's notification. According to the SE050 configurations (AN12436), the certificates named "Cloud Onboarding ECC, SE050C1/SE050C2" have been revoked. I have checked the leaf certificates which were extracted from SE050C1 and downloaded from NXP. These certs don't include the fields such as CPD, OCSP to manipulate certificate revocation. Actually, I tried making my device connect to AWS iot core with the leaf certificate, then it worked to connect to AWS iot core. At first I expected a behavior in which my device with the certificate will be rejected by AWS.

Questions:

1. Currently are you supporting CDP/OCSP server?

2. If not supported, I'd like to know how I can handle this intermediate CA revocation. Especially about connection authentication for cloud service.

Kei Odagiri

Atmark Techno,Inc.

0 Kudos
Reply
1 Solution

Jump to solution
‎02-13-2023 01:18 AM
521 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @kei_odagiri ,

 

No, we are not supporting CDP/OCSP server, but for your case, you may use other trusted certs inside the SE05x for AWS application, just as mentioned in https://www.nxp.com/docs/en/application-note/AN12404.pdf , the untrusted certs might still be ok with AWS but not recommended at all.

 

Hope that makes sense,

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

View solution in original post

0 Kudos
Reply
2 Replies

Jump to solution
‎02-13-2023 01:18 AM
522 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @kei_odagiri ,

 

No, we are not supporting CDP/OCSP server, but for your case, you may use other trusted certs inside the SE05x for AWS application, just as mentioned in https://www.nxp.com/docs/en/application-note/AN12404.pdf , the untrusted certs might still be ok with AWS but not recommended at all.

 

Hope that makes sense,

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 Kudos
Reply

Jump to solution
‎02-13-2023 04:45 PM
511 Views
kei_odagiri
Contributor III
Thank you.
0 Kudos
Reply