Arm Mbed OS support forum

Human readable private keys included in x509 library

I’m building the Mbedtls 2.16.0 sources myself and found something I cannot explain, hopefully someone with more knowledge could give me some insight. When I did a composition analysis with Black Duck it seems that binaries linking with the library have human readable private keys included(!). My question is where do these come from and how can I prevent this? The following Mbedtls files are included in one of my libraries:

  • certs.o
    
  • pkcs11.o
    
  • x509.o
    
  • x509_create.o
    
  • x509_crl.o
    
  • x509_crt.o
    
  • x509_csr.o
    
  • x509write_crt.o
    
  • x509write_csr.o