7 File System
The WINCS02 provides an internal secured storage for storing following types of certificates and keys to use with the Transport Layer Security (TLS).
- x509 root certificates
- Client/Device certificates
- Private keys
The secured certificate store is of 60 KB in size and it is write and erase only storage space. The certificates and keys flashed in this memory is only readable through the device firmware.
The certificate store can be accessed through the API's.
The manual certificate/key flashing would need a serial terminal application with X-Modem/Y-Modem file transfer support. In order to simplify this process the firmware release package includes a python based utility which can Flash these files through a simple CLI
The utility also support Send To option on Windows operating system where these files can be flashed into WINCS02 device through the right click options.
By default the WINCS02 modules include following Root Certificates in the certificate store for easier could connectivity.| Issuer | Filename | Expiry | Public Key | Signature Alg. | Notes |
|---|---|---|---|---|---|
| Amazon Root CA 1 | AmazonRootCA1.der | 17 January 2038 01:00:00 | RSA (2048 bits) | SHA256RSA | AWS Cloud |
| Baltimore CyberTrust Root | BaltimoreCyberTrustRoot.der | 13 May 2025 00:59:00 | RSA (2048 bits) | SHA1RSA | Azure Cloud |
| DigiCert High Assurance EV Root CA | DigiCert.der | 10 November 2031 01:00:00 | RSA (2048 bits) | SHA1RSA | — |
| DigiCert Global Root G2 | DigiCertGlobalRootG2.crt | 15 January 2038 13:00:00 | RSA (2048 bits) | SHA256RSA | Azure Cloud |
| DigiCert High Assurance EV Root CA | DigiCertSHA2.der | 22 October 2028 13:00:00 | RSA (2048 bits) | SHA256RSA | — |
| Entrust Root Certification Authority | EnTrust.der | 27 November 2026 21:53:42 | RSA (2048 bits) | SHA1RSA | — |
| GlobalSign Root CA | GlobalSignRoot.der | 28 January 2028 13:00:00 | RSA (2048 bits) | SHA1RSA | — |
| Internet Security Research Group Root X1 | isrgrootx1.der | 04 June 2035 12:04:38 | RSA (4096 bits) | SHA256RSA | LetsEncrypt |
| QuoVadis Root CA 2 | QuoVadis_Root.der | 24 November 2031 19:23:33 | RSA (4096 bits) | SHA1RSA | — |
| VeriSign Class 3 Primary Certification Authority | VeriSign.der | 17 July 2036 00:59:59 | RSA (2048 bits) | SHA1RSA | — |
Setup Details – The PC companion mode (simillar to RNWF02) of the setup must be used to use the certificate and key utility.
Note: To operate the WINCS02 Add On Board in PC Companion mode, ensure to place the jumper cap on J201.1, J201.2.
The simplest method to use the WINCS02 Add On Board is to connect it to a PC host that supports USB CDC virtual COM (serial) ports using the on-board MCP2200 USB-to-UART converter. The user can send ASCII commands to the WINCS02 Module using a terminal emulator application. In this case, the PC acts as the host device. In addition to UART, Wake and Interrupt pin from WINCS02 Module are also connected to MCP2200’s GPIO pins. This enables to set low power modes via Host PC. The MCP2200 is configured in Reset condition until the USB supply is plugged in.
| Pin on MCP2200 | Pin on WINCS02 Module | Description |
|---|---|---|
| GP0 | NC | NC |
| GP1 | NC | NC |
| GP2 | MCLR | WINCS02 Module Reset |
| GP3 | INT0/WAKE | Input pin to WINCS02 Module to bring out from the Deep sleep/Extreme Deep sleep mode to the WAKE mode. |
| GP4 | IRQ | Output pin from WINCS02 Module to indicate data activity. |
| GP5 | NC | NC |
| GP6 | NC | NC |
| GP7 | NC | NC |