- Short range radio modules
- Positioning chips and modules
u-blox Products
- Product selector
- Previous generations
- Contact sales
Find products
- Product documentation
Documentation
12 Security
Security AT commands
12.1 AT Commands
AT Command | Description |
|---|---|
Security Certificate Remove | |
Security Certificate Upload Binary | |
Security Certificates List | |
Security TLS Extensions | |
Security TLS Extensions Server Name Indication | |
Security TLS Extensions Handshake Fragmentation |
12.1.1 AT+USECR - Security Certificate Remove
Syntax
AT Command | Description |
|---|---|
AT+USECR=<cert_type>,<name> | Remove a single X.509 certificate or private key. |
AT+USECR | Remove all X.509 certificates and private keys. |
Defined values
Parameter | Type | Description |
|---|---|---|
cert_type | enumerator | Valid values: 0: Root certificate 1: Client certificate 2: Client private key |
name | string | Valid length: 1..32 |
12.1.2 AT+USECUB - Security Certificate Upload Binary
Syntax
AT Command | Description |
|---|---|
AT+USECUB=<cert_type>,<name>{binary_data} | Write an X.509 certificate or private key using binary transfer. |
AT+USECUB=<cert_type>,<name>,<password>{binary_data} | Write an X.509 certificate or private key with password using binary transfer. |
Defined values
Parameter | Type | Description |
|---|---|---|
binary_data | binary | The certificate data. |
cert_type | enumerator | Valid values: 0: Root certificate 1: Client certificate 2: Client private key |
name | string | Valid length: 1..32 |
password | string | Decryption password; applicable only for PKCS8 encrypted client private keys. The maximum length is 64 characters. NOTE: Supported Encryption method for private keys is AES only Valid length: 1..64 |
Notes
Note that the size of the certificate can be maximum 15360 bytes and that maximum 8 certs (or cert chains) can be stored simultaneously
Note that the size of the certificate can be maximum 15360 bytes and that maximum 8 certs (or cert chains) can be stored simultaneously
12.1.3 AT+USECL - Security Certificates List
Syntax
AT Command | Description |
|---|---|
AT+USECL? | Read all uploaded certificate names |
Response | Description |
|---|---|
+USECL:<cert_type>,<name> | Successful read response. Note that there will be one response per certificate |
Defined values
Parameter | Type | Description |
|---|---|---|
cert_type | enumerator | Valid values: 0: Root certificate 1: Client certificate 2: Client private key |
name | string | Valid length: 1..32 |
12.1.4 AT+USETE - Security TLS Extensions
Syntax
AT Command | Description |
|---|---|
AT+USETE? | Read all TLS extension settings |
Response | Description |
|---|---|
+USETE:<extension>,<enabled> | Successful read response |
Defined values
Parameter | Type | Description |
|---|---|---|
extension | enumerator | Valid values: 0: Server Name Extension 1: Handshake fragmentation |
enabled | enumerator | Valid values: 0: Disabled 1: Enabled |
12.1.5 AT+USETE0 - Security TLS Extensions Server Name Indication
Syntax
AT Command | Description |
|---|---|
AT+USETE0=<enabled> | Turn Server Name Indication TLS extension on and off on a system level Notes: Can be stored using AT&W. |
AT+USETE0? | Read Server Name Indication setting |
Response | Description |
|---|---|
+USETE0:<enabled> | Successful read response |
Defined values
Parameter | Type | Description |
|---|---|---|
enabled | enumerator | Valid values: 0: Disabled 1: Enabled |
12.1.6 AT+USETE1 - Security TLS Extensions Handshake Fragmentation
Syntax
AT Command | Description |
|---|---|
AT+USETE1=<enabled> | Turn Handshake Fragmentation TLS extension on and off on a system level Notes: Can be stored using AT&W. |
AT+USETE1? | Read Handshake Fragmentation setting |
Response | Description |
|---|---|
+USETE1:<enabled> | Successful read response |
Defined values
Parameter | Type | Description |
|---|---|---|
enabled | enumerator | Valid values: 0: Disabled 1: Enabled |
Last updated: 04 March 2025
Need help?Contact Support
Questions?Contact us