I have an existing mbed 5 based application which uses SSL to move data from a Client, via cellular up to a back-end. The Cellular modem in this case has a Protocol stack and the Client sends AT commands that setup the Secure connection.
ie.
AT+USECMNG=1,0,“DigiCertGlobalRootCA”,“root.cer”.
In this case the Client (me) has an actual Certificate embedded in the code which is referenced.
I now have to interface to a system that will use a standard SSL Server Certificate, issued for a specific hostname instead of a client identify. Me (client) will be connecting to a defined server domain and validating, using Public Key Infrastructure, the our server is the trusted owner of the specific domain. The certificate that make this authentication possible is also used to encrypt the data sent between client and server.
I’m not sure of the steps required to proceed here. Can I get this done using the modem’s protocol stack?
Do I need to bring in mbedtls? That seems complex and will definitely inflate the size of my Application.
I’m deferring here to the experts for advice.
Thank you!