Other Parts Discussed in Thread: CC3220S
I need to update OTA the wlan certificate (/cert/ca.pem, client.pem and private.key) on our c3200 devices and have some related questions.
1: What's the best way to overwrite the certificates? Do I need to do a sl_Stop/sl_Start or just a sl_WlanDisconnect ?
Typically I want to:
- download OTA a new wifi config + the certificates.
- Save the current config temporarily
- apply the new one
- test connection
- if no connection revert to old config
- if connection drop old config and save new one
Can I use the fail safe mechanism (_FS_FILE_OPEN_FLAG_COMMIT) to test and close the file only on success?
Alternatively, can we use the api to change which file is used? E.g. switch from /cert/client.pem to /cert/client1.pem?
2: What format of certificate are supported?
From the doc CC32xx ENT WLAN.pdf which mention a ".pem" file I suppose it handles bin64 file ".pem". Is it also possible to use binary equivalent ".der"? What are the restrictions to the format (for example only one key per file) and is there a way to test compatibility before sending it to the device?
3: Is it possible to store the wpa2 enterprise certificates/keys in an encrypted format in the flash?
