To create a CA List that will hold all of the CA certificates you are willing to accept, you can either compile the certificate data into your project, or you can load it dynamically from a flash drive.
To use the compiled in data, create a header file in your project directory that will hold the certificate data. In this file, create a const char array for each certificate that is initialized as a string literal with each corresponding CA certificates’ data. Make sure to take note of the length of the array, as it will be needed in order to properly create and use the SharkSslCAList
and SharkSslCertStore
objects, which are used to store and utilize the CA List. The example VerifyPeerBasic
demonstrates this method.
To use an SD card or onchip flash to store the certificate data, please see the example VerifyPeerEffs
for further guidance.