How to Update PKI Configuration

[中文]

This document describes how to update the default PKI configuration provided by ESP-AT by recompiling the firmware. The PKI configuration includes certificates and keys for TLS clients, TLS servers, MQTT clients, WebSocket clients, HTTP clients, and WPA2 Enterprise clients.

Note

If you want to update certificates at runtime using AT commands without recompiling the firmware, please refer to AT+SYSMFG command examples.

Introduction to PKI Configuration 

The source file for the current default PKI configuration is located in the customized_partitions/raw_data directory, as shown below:

Function

Current Configuration

Related AT Commands

TLS client

Set 0 client configuration

client_ca_00.crt

client_cert_00.crt

client_key_00.key

Set 1 client configuration

client_ca_01.crt

client_cert_01.crt

client_key_01.key

AT+CIPSTART

AT+CIPSSLCCONF

TLS server

server_ca.crt

server_cert.crt

server.key

AT+CIPSERVER

MQTT client

mqtt_ca.crt

mqtt_client.crt

mqtt_client.key

AT+MQTTUSERCFG

WebSocket client

Set 0 client configuration

wss_ca_00.crt

wss_client_00.crt

wss_client_00.key

Set 1 client configuration

wss_ca_01.crt

wss_client_01.crt

wss_client_01.key

AT+WSCFG

HTTP client

Set 0 client configuration

https_ca_00.crt

https_client_00.crt

https_client_00.key

Set 1 client configuration

https_ca_01.crt

https_client_01.crt

https_client_01.key

AT+HTTPCFG

WPA2 Enterprise client

wpa2_ca.pem

wpa2_client.crt

wpa2_client.key

AT+CWJEAP

Please modify the PKI configurations according to your own needs and generate mfg_nvs.bin file.

Generate mfg_nvs.bin

Please refer to Generate mfg_nvs.bin document to generate the mfg_nvs.bin file with the PKI configurations.

Download mfg_nvs.bin

Please refer to Download mfg_nvs.bin document.

Provide feedback about this document

How to Update PKI Configuration

Introduction to PKI Configuration

Generate mfg_nvs.bin

Download mfg_nvs.bin

Introduction to PKI Configuration 