Arm Mbed OS support forum

Use X.509 module for mbedTLS to generate a CSR on a bare-metal application

Hi all,

I am looking for a way to generate a Certificate Signing Request (CSR) on a bare-metal microcontroller, which runs C code with no OS. I am using the NRF52832 SOC, from Nordic Semiconductor and and Optiga Trust X cryptographic IC to perform the cryptographic operations in hardware.

My goal is to create a CSR in the microcontroller, using the cryptographic chip to hash, sign and validate the certificate.

From my research, it seems to me that mbedTLS X.509 module is capable of constructing CSRs and it can be ported to bare-metal embedded systems. From the function prototypes of mbedTLS, it appears that I can perform the cryptographic operations in hardware and use the software to generate a CSR in a X.509 format.

Since I am having troubles integrating the library with the remaining of my code, and before investing more time on this library, can anyone please clarify if the X.509 module from mbedTLS can be used standalone on a MCU without an OS?

Thank you in advance