X.509 certificates can be easily managed using the Certstore toolkit.
Certificates and private keys are generated using offline scripts and configuration files. Edit configuration files to establish your self-signing Certificate Authority, organization and common name, along with attributes such as key strength, signing hash, and optional certificate properties. Externally generated certificates can be imported to the Certstore toolkit and compiled in the certificate catalog.
Next, the Certstore compiler processes certificates and keys to generate ANSI C certificate catalog and storage output files. The catalog files are compiled in your project using the standard toolchain.
At run-time, the catalog is indexed by the uSSL SDK or other embedded application, to selectively load the CA, server and client keys. Seamlessly integrated with the uSSL X.509 loader, the certificate and keys are parsed and dynamically loaded into memory.
Features
- Use self-signed certificates and avoid overhead fees for 3rd party CA
- Supports multiple certificate types including RSA and ECDSA
- Supports range of key strength from low, mid to high strength for tradeoff between storage, CPU and security levels.
- ASCII text configuration files
- Command line certificate compiler is supported on Linux and Windows Cygwin
- Uses interoperable standards based X.509 certificate format
- Generates ANSI C portable .C and .H certificate catalog and storage files that can be compiled in const ROM