Downloading TLS-related Files for All TLS Contexts
You can download a specific TLS-related file in one configuration through the Automatic Update mechanism, for all TLS Contexts in the TLS Contexts table. This is done by including the <ID> meta-variable in the URLs of the following file provisioning parameters:
| ■ | [TLSCertFileUrl] - certificate file |
| ■ | [TLSPkeyFileUrl] - private key file |
| ■ | [TLSRootFileUrl] - trusted root file |
If you configure a parameter with a URL containing the <ID> meta-variable (e,g., "http://10.1.1.12/certs/<ID>/cert.pem"), the device attempts to download the TLS-related file for every existing TLS Context in the TLS Contexts table. For each URL, the device replaces the <ID> placeholder with a number, which is consecutively incremented, starting from 0, according to the number of configured TLS Contexts.
For example, assume that you have configured three TLS Contexts in the TLS Contexts table (Index 0, 1, and 2) and you have configured the [TLSCertFileUrl] parameter to "http://10.1.1.12/certs/<ID>/cert.pem". In this example, the device attempts to download certificate files from the following three URLs:
| ■ | http://10.1.1.12/certs/0/cert.pem (file for TLS Context #0) |
| ■ | http://10.1.1.12/certs/1/cert.pem (file for TLS Context #1) |
| ■ | http://10.1.1.12/certs/2/cert.pem (file for TLS Context #2) |
| ● | If the URL doesn't contain the <ID> meta-variable (e,g., "http://10.1.1.12/certs/cert.pem"), the device attempts to download the TLS-related file for TLS Context #0 only. |
| ● | You can provision the device with a Configuration Package file that contains all the device's certificates (automatic update > configuration-pkg). If this file contains the certificates, it's password-protected (encrypted) and therefore, you need to specify the password (automatic update > default-configuration-package-password). For more information on this file, see Downloading and Uploading the Configuration Package File. |