This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

SIMPLELINK-CC32XX-SDK: Notice for Customers Using Dropbox for OTA Updates - question about update testing

Part Number: SIMPLELINK-CC32XX-SDK
Other Parts Discussed in Thread: CC3220SF

Hi All,

TI have posted in this thread guidelines for how to support the upcoming change in dropbox certification for OTA updates

The guidelines are clear, however a question rise about testing - how can we assure that performing those guidelines will support this upcoming dropbox change?

we've approached dropbox with a request to be able to test this change in some way, e.g. assigning this change to a specific dropbox account with the new certificate for testing period but they reported that this is something they cannot do

does TI guarantee somehow the given guidelines will make our CC32XX solution to be compliant to the dropbox change?

Regards,

Omer

  • Using PEM with 2 certificates (old and new) is a good solution for CC323x (gen3) devices. But it doesn't work with CC3220 (gen2) devices (in such case only the first certificate in the file will be used - and in the SDK's "RootCaCerts.pem" this is the new "DigiCert Global Root CA").

    We haven't verified this against Dropbox. But the 2 certificates solution was verified against other servers.

    The next SDK will include the option to set different certificate per server so you can still prepare it to the Dropbox change, e.g.:

    #define OTA_SERVER_ROOT_CA_CERT                     "digcert_high_assurance_ca.der"
    #define OTA_CONTENT_SERVER_ROOT_CA_CERT  "digcert_global_root_ca.der"

    However, this depends on Dropbox doing the exact change they did before.

    Since we can't guarantee this, we recommend that you will use in your application a fallback method for the case of failure. Either (1) an ability to update the certificate in flash after a failure, (2) using an alternate cloud server or (3) using the local OTA approach.

    Internally we are considering whether we keep supporting the existing cloud servers or move to different ones that are more IOT oriented.

    We are also planning to add a some fixes to the library that will ease the fallback support. But this won't be ready for the August time frame.

    Br,

    Kobi

  • thanks for the response

    if the only option for gen2 devices is the next SDK, when do we can expect its release?

    keeping in mind that the prominent change of the dropbox certification is in B/August

    BR,

    Omer

  • 2nd quarter's SDK (SDK5.20) should be available by the end of this month.  

  • Hi Kobi,

    We are working with the CC3220SF, with dropbox.

    We changed to "RootCaCerts.pem" as certificate. Following your note above, we have edited the "RootCaCerts.pem" file and replaced the order of the certificates. The OTA is still working on Dropbox.

    It seems that the "RootCaCerts.pem" is working on Dropbox with their current settings.

    Do you have an example how to perform the fallback between Dropbox and github on SDK 5.1?

    Regards,

  • No. We don't have an example of a backup method currently. We'll add it in one of the next SDK releases.

    Br,

    Kobi

  • Hi Kobi,

    you stated that SDK5.2 should be released by the end of June but i don't see it is available yet

    can you update?

  • The SDK is ready. I believe it will be available online in 1-2 days.

    br,

    Kobi