3 Generate the Encrypted Provisioning Package

  1. After reviewing your submission, Microchip will respond via your support case with the following:
    1. An RSA public key (always provided)
    2. A Certificate Signing Request (CSR) (only if using a custom PKI)
  2. Download these files from the attachments section of the support case.
    Figure 3-1. Download RSA Key and CSR
  3. Return to the Trust Platform Design Suite.
  4. Open the appropriate TrustFLEX/TrustCUSTOM configurator:
    Figure 3-2. TPDS Configurator Tab
  5. Configure the device exactly as intended for production, including:
    1. Use cases
    2. Keys
    3. Certificates
    4. Slot configuration
      Important: When generating the Encrypted Provisioning Package to request verification units, use real project secret keys for production so the final configuration and keys can be fully validated. During prototyping, use dummy keys to protect you real project secret keys.
  6. Click Generate Encrypted Provisioning Package.
    Figure 3-3. Generate Encrypted Provisioning Package
  7. In the pop-up window, select the following files:
    1. RSA key (required)
    2. CSR (if applicable)
    3. CA key (optional):
      Figure 3-4. Upload RSA Key and CSR
  8. Confirm the selection and download the encrypted provisioning package:
    Figure 3-5. Download Confirmation
  9. Return to your myMicrochip support case.
  10. Under Attachments, click Upload Files.
  11. Select and open the encrypted provisioning package.
  12. Click Done.
    Figure 3-6. Upload Encrypted Provisioning Package