Other Parts Discussed in Thread:UNIFLASH
1、根据文档使用uniflash生成scr.der文件,但文档没有描述ca.der、client.der、private.key这三个文件如何生成,那这三个文件怎么获取
2、AP这边的服务器怎么搭建可以测试这个功能
Viki Shi:
这个问题已经在e2echina.ti.com/…/579899回复过了,这三个文件需要自己创建
,
user3692010:
看了文档,还是没看明白啊,只描述了生成scr.der的步骤,而且我也只读出来一个scr.der文件,你能说说步骤吗,或者截图相关操作给我也行吧
,
Viki Shi:
步骤参考如下文档和链接:
www.ti.com/…/swpu332a.pdf
stackoverflow.com/…/how-to-create-a-self-signed-certificate-with-openssl
stackoverflow.com/…/convert-pem-private-key-to-key-format
,
user3692010:
那我是要再搭建一个radius认证服务器去测试吗?
,
Viki Shi:
是的
,
user3692010:
1、NWP用户指南说需要下载ca.der,client.der,private.key,前面又说文件格式必须是pem,那最终下载进去的应该是哪个格式
2、我看到uniflash工具可以生成读取出了csr文件,也可以签名一个csr,但私钥文件在哪里,没有和csr一起读取出来
,
Viki Shi:
1、看你下载的是哪种证书文件:In most cases (SSL and code signing), both formats are supported by the SimpleLink™ Wi-Fi® device. The only exception is the SSL chained certificates, which must be programmed as a PEM file.
2、私钥只是在CSR使用过程中使用一下,不被读取出来
The SimpleLink Wi-Fi device simplifies this process by generating a CSR in PKCS #10 format internally. The CSR is created as a file on the device's file system and can be read like any other non-secure file. An additional benefit of generating the CSR internally is that it allows the private key of the asymmetric key-pair to never be exposed during the certificate creation and registration process.
,
user3692010:
1、文档这么写的
• Client AuthenticationIf the server requires client authentication, the following files are required:– Private Key – Station (client) RSA private key file in PEM format– Client Certificate – Certificate of the client, given by the authenticating network (has the public keymatches to the private key) in PEM format• Server AuthenticationThe SimpleLink Wi-Fi device requires server authentication by default and the following file is required:Server Root CA file – This file must be in PEM format. The demand for server authentication canbe canceled through the WLAN setting. Canceling this authentication is valid for a single manualconnection only.
Those files must be programmed with the following names:• Root CA – sys/cert/ca.der• Client certificate – sys/cert/client.der• Private key – sys/cert/private.key 文件系统里需要der格式,那前面那段客户端证书私钥和服务器端根证书又说必须是pem格式
我不知道需要哪种证书啊,所以问你们,感觉这里矛盾,还是有其他意思
2、那Uniflash -> tools ->sign file的Private Key File不是要这个私钥吗