esp8266-std/tools

SSL tools

Refer to ESP8266 Non-OS SDK SSL User Manual

certificate generation

you must choose one of a,b,c to generate your certificate file

a) if you does not have any certificate file which issued by trusted CA

we would generate self-signed CA certificate,and generate certificate and private key with self-signed CA.

• change your CN field in your makefile.sh to your IP address

run the command as the following:

makefile.sh:

$./makefile.sh

generate all of your cert and private key files.

rmfile.sh

$./rmfile.sh

delete all of your cert and private key files.

the certificate files to flash are under the directory bin/

b) if you just have CA certificate: ca.crt which issued by trusted CA

we would generate CA bin:esp_ca_cert.bin for one-way authentication

• **[important]**if CA certificate file is not called ca.crt, please rename it to ca.crt
• ensure the CA certificate file is in PEM format
• copy your ca.crt to tools/ directory

run the command as the following:

makefile.sh:

$./makefile.sh

the command would generate your CA certificate bin

rmfile.sh

$./rmfile.sh

delete all of your generated files

the certificate file to flash is under the directory bin/

c) if you have both CA certificate:ca.crt and client certificate:client.crt and client key:client.key which issued by trusted CA

we would generate CA bin:esp_ca_cert.bin and client certificate/private key bin:esp_cert_private_key.bin for two-way authentication

• **[important]**if their filename is not called ca.crt,client.crt,client.key, please rename it to ca.crt,client.crt,client.key
• ensure the ca.crt,client.crt,client.key are in PEM format
• copy your ca.crt,client.crt,client.key to tools/ directory

run the command as the following:

makefile.sh:

$./makefile.sh

the command would generate all of your CA certificate bin:esp_ca_cert.bin and client bin:esp_cert_private_key.bin.

rmfile.sh

$./rmfile.sh

delete all of your generated files.

the certificate file to flash is under directory bin/