Mender <> AWS IoT Core Integration- Private Key issues

vimoxshah · August 20, 2024, 12:12pm

I’m testing out AWS IoT Core integration and when I try read the private key that is issued by Mender I am getting errors. The private key I’m testing can be found in the mender-configure area on the device or in the mender web panel under the device variables.
I found out that the keys provided through mender-configure are ECC 256 bits keys. For some unknown reason, openssl doesn’t like that the header is -----BEGIN PRIVATE KEY----- (I suppose it thinks it should be a PKCS#8 key).

Why mender-configure generate ECC 256 bit keys? can we generate the header like -----BEGIN EC PRIVATE KEY----- using mender-configure?

vimoxshah · September 2, 2024, 7:41am

HI @TheYoctoJester can you please help on this question?

alfrunes · September 3, 2024, 7:12am

Hello @vimoxshah

I’m sorry, I was handling the issue and forgot to update you about the status. Indeed, what you’re pointing out is a bug. The key is serialized as SEC 1 (RFC-5915), but it uses PKCS#8 PEM headers. I implemented a fix to consistently use PKCS#8 format for the key issued for the device.

Topic		Replies	Views
AWS IoT Core Integration- Private Key issues? General Discussions	3	837	August 13, 2024
PKCS11 with OpenSSL 3.0 General Discussions	4	46	July 22, 2024
Use ECC keys for authentication between Mender client server General Discussions	5	744	April 24, 2022
AWS IoT Core Integration doesn't deploy certificates General Discussions aws-iot-core-integration	0	43	July 22, 2024
PKCS11 not working on mender client with TPM General Discussions	5	743	November 28, 2023

Mender <> AWS IoT Core Integration- Private Key issues

Related Topics