diff --git a/samples/net/sockets/http_server/CMakeLists.txt b/samples/net/sockets/http_server/CMakeLists.txt index b4853257c78..1f793c1fcef 100644 --- a/samples/net/sockets/http_server/CMakeLists.txt +++ b/samples/net/sockets/http_server/CMakeLists.txt @@ -54,15 +54,12 @@ foreach(web_resource endforeach() foreach(inc_file - ca.der - server.der + server_cert.der server_privkey.der - https-server-cert.der - https-server-key.der ) generate_inc_file_for_target( app - src/${inc_file} + src/certs/${inc_file} ${gen_dir}/${inc_file}.inc ) endforeach() diff --git a/samples/net/sockets/http_server/Kconfig b/samples/net/sockets/http_server/Kconfig index db09c5b261e..a95e0d7a37f 100644 --- a/samples/net/sockets/http_server/Kconfig +++ b/samples/net/sockets/http_server/Kconfig @@ -31,13 +31,6 @@ config NET_SAMPLE_PSK_HEADER_FILE Name of a header file containing a pre-shared key. -config NET_SAMPLE_CERTS_WITH_SC - bool "Signed certificates" - depends on NET_SOCKETS_SOCKOPT_TLS - help - Enable this flag, if you are interested to run this - application with signed certificates and keys. - config NET_SAMPLE_WEBSOCKET_SERVICE bool "Enable websocket service" default y if HTTP_SERVER_WEBSOCKET diff --git a/samples/net/sockets/http_server/src/certificate.h b/samples/net/sockets/http_server/src/certificate.h index 52a3fa9c8ea..eea583b8929 100644 --- a/samples/net/sockets/http_server/src/certificate.h +++ b/samples/net/sockets/http_server/src/certificate.h @@ -8,40 +8,20 @@ #define __CERTIFICATE_H__ enum tls_tag { - /** The Certificate Authority public key */ - HTTP_SERVER_CA_CERTIFICATE_TAG, /** Used for both the public and private server keys */ HTTP_SERVER_CERTIFICATE_TAG, - /** Used for both the public and private client keys */ - HTTP_SERVER_CLIENT_CERTIFICATE_TAG, + /* Used for pre-shared key */ PSK_TAG, }; -#if !defined(CONFIG_NET_SAMPLE_CERTS_WITH_SC) static const unsigned char server_certificate[] = { -#include "https-server-cert.der.inc" -}; - -/* This is the private key in pkcs#8 format. */ -static const unsigned char private_key[] = { -#include "https-server-key.der.inc" -}; - -#else - -static const unsigned char ca_certificate[] = { -#include "ca.der.inc" -}; - -static const unsigned char server_certificate[] = { -#include "server.der.inc" +#include "server_cert.der.inc" }; /* This is the private key in pkcs#8 format. */ static const unsigned char private_key[] = { #include "server_privkey.der.inc" }; -#endif #if defined(CONFIG_MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) #include CONFIG_NET_SAMPLE_PSK_HEADER_FILE diff --git a/samples/net/sockets/http_server/src/ca.der b/samples/net/sockets/http_server/src/certs/ca.der similarity index 100% rename from samples/net/sockets/http_server/src/ca.der rename to samples/net/sockets/http_server/src/certs/ca.der diff --git a/samples/net/sockets/http_server/src/server.der b/samples/net/sockets/http_server/src/certs/server_cert.der similarity index 100% rename from samples/net/sockets/http_server/src/server.der rename to samples/net/sockets/http_server/src/certs/server_cert.der diff --git a/samples/net/sockets/http_server/src/server_privkey.der b/samples/net/sockets/http_server/src/certs/server_privkey.der similarity index 100% rename from samples/net/sockets/http_server/src/server_privkey.der rename to samples/net/sockets/http_server/src/certs/server_privkey.der diff --git a/samples/net/sockets/http_server/src/https-server-cert.der b/samples/net/sockets/http_server/src/https-server-cert.der deleted file mode 100644 index bfcb335e31c..00000000000 Binary files a/samples/net/sockets/http_server/src/https-server-cert.der and /dev/null differ diff --git a/samples/net/sockets/http_server/src/https-server-key.der b/samples/net/sockets/http_server/src/https-server-key.der deleted file mode 100644 index 5a4d67372ea..00000000000 Binary files a/samples/net/sockets/http_server/src/https-server-key.der and /dev/null differ diff --git a/samples/net/sockets/http_server/src/main.c b/samples/net/sockets/http_server/src/main.c index 23ab975cd6c..5bd27c14438 100644 --- a/samples/net/sockets/http_server/src/main.c +++ b/samples/net/sockets/http_server/src/main.c @@ -311,16 +311,6 @@ static void setup_tls(void) #if defined(CONFIG_NET_SOCKETS_SOCKOPT_TLS) int err; -#if defined(CONFIG_NET_SAMPLE_CERTS_WITH_SC) - err = tls_credential_add(HTTP_SERVER_CERTIFICATE_TAG, - TLS_CREDENTIAL_CA_CERTIFICATE, - ca_certificate, - sizeof(ca_certificate)); - if (err < 0) { - LOG_ERR("Failed to register CA certificate: %d", err); - } -#endif /* defined(CONFIG_NET_SAMPLE_CERTS_WITH_SC) */ - err = tls_credential_add(HTTP_SERVER_CERTIFICATE_TAG, TLS_CREDENTIAL_SERVER_CERTIFICATE, server_certificate,