Community
cancel
Showing results for 
Search instead for 
Did you mean: 
idata
Community Manager
2,435 Views

Intel Galileo install trusted CA

Hi guys without going into too much detail of the project I am working on a network that includes 2 Intel Galile (not web accessible), two Arduino Uno, one Windows Raspberry Pi and one and one Debian Raspberry Pi which acts as a gateway and is the only web accessible device. Basically with exception of the Uno which both connect to the Galileo via serial the rest of the devices communicate to the gateway device using MQTT. I have created my own CA and generated a signed cert for the two galileo using the local ip addresses as I am only aiming to secure the data passed within the network not over the internet. I am trying to find docs on how to install a root ca to the Galileo so that my CA is trusted and can send secure MQTT messages backwards and forwards, possibly maybe integrating sockets as well which will also need to be encrypted. Can anyone tell me how to install the CA on my Galileo so that they can be accessed securely via say https://192.168.1.1 https://192.168.1.1 etc.

Thanks in advance.

Tags (1)
0 Kudos
7 Replies
Pablo_M_Intel
Employee
69 Views

Hi AdamMiltonBarker,

We haven't tried this before, however looking in the web I found a tutorial for setting a root CA. The problem is that another board is being used instead of a Galileo but I will try to follow the steps and see if it works after some tweaks. I'll post my results here.

If you also want to check the guide, follow this link: https://robpol86.com/root_certificate_authority.html https://robpol86.com/root_certificate_authority.html.

Regards,

PabloM_Intel

idata
Community Manager
69 Views

Hi thanks I already have set up the CA it is the actual installation of the root certificate on the Intel Galileo (and other devices) that I am trying to find how to do, but that is a cool tutorial my gateway I have made is a RPI so I may just make the gateway become the CA and automatically generate its own certificates for itself and the devices on the network but still need to find out how to install the roo ca on the other devices.

idata
Community Manager
69 Views

In fact that is a very cool tutorial lol.

idata
Community Manager
69 Views

Hi I wonder if you have anymore info on this just for clarification this is the situation and what I am trying to achieve:

1. The RPI gateway I have built already has a signed (by trusted CA) cert that is used for the nginx webserver.

2. I have created my own CA system and have a root certificate I need to install on the local network devices (including Intel Galileo and Arduino UNO) so that certificates generated for those boards are accepted by my local network devices.

3. I cannot find how to actually add the root cert as a trusted cert on the Intel Galileo (and Arduino), this is what I am wanting to do, so that when the gateway or the other devices communicate with it and vice versa, there are no issues.

Pablo_M_Intel
Employee
69 Views

Hi AdamMiltonBarker,

We are still investigating your issue. Doing some research in the Community I found this thread that you might find helpful /message/242546 https://communities.intel.com/message/242546. We'll get back to you if we found something that can help you.

Regards,

PabloM_Intel

idata
Community Manager
69 Views

Thanks I had searched the whole internet let alone the forum Missed that one though thanks will see how it helps.

idata
Community Manager
69 Views

Well I never get a reply from this topic, and still no luck. I also have a new issue RE ssls even when the Python package actually has the SSL cert required for the broker included in the package. Can anyone explain why:

Reply