Downloading TLS-Related Files for a Specific TLS Context
For downloading a TLS-related file through the Automatic Update mechanism, you can specify the TLS Context for which you want to download the file. This is done by including the "#<TLS Context index row>" placeholder in the URLs of the following file provisioning parameters:
| ■ | [TLSCertFileUrl] - certificate file |
| ■ | [TLSPkeyFileUrl] - private key file |
| ■ | [TLSRootFileUrl] - trusted root file |
For example, if you want the device to download a certificate file for the TLS Context that is configured in the TLS Contexts table for index row #2, configure the [TLSCertFileUrl] parameter to "http://10.1.1.12/certs.pem#2". In this example, the device downloads the file from URL http://10.1.1.12/cert.pem (i.e., without the placeholder) and adds it to TLS Context #2. If such a TLS Context doesn't not appear in the TLS Contexts table, the device doesn't download the file (and generates a syslog message with the appropriate error).
| ● | If the URL doesn't contain the "#<TLS Context index row>" placeholder (e,g., "http://10.1.1.12/certs/cert.pem"), the device attempts to download the TLS-related file for TLS Context #0 only. |
| ● | You can provision the device with a Configuration Package file that contains all the device's certificates (automatic update > configuration-pkg). If this file contains the certificates, it's password-protected (encrypted) and therefore, you need to specify the password (automatic update > default-configuration-package-password). For more information on this file, see Downloading and Uploading the Configuration Package File. |