Trust&GO vs. TrustFLEX vs. TrustCUSTOM Files

The manifest files only contain public information of the device, such as its serial number, certificates and slots’ public information. Depending on the configuration differences, the information in Trust&GO, TrustFLEX and TrustCUSTOM files varies as follows:

Trust&GO TrustFLEX TrustCUSTOM
  • Slot 0 public key information (immutable)
  • Device and signer certificates signed by Microchip CA (immutable)
  • Slot 0 public key information (immutable)
  • Device and signer certificates signed by Microchip or customer CA based on custom PKI selection
  • Slot 1-4 public key information
  • Slot 13-15 public key information
  • Custom information due to unique configuration

Certificate Slots in TrustFLEX Devices

When the user opts to create a custom certificate chain on the TrustFLEX device, the factory provisioned certificates will be overwritten. Trust Platform Design Suite scripts/notebook allow the user to back up default certificates into a local folder before overwriting custom certificates on the device. However, if the board changes hands after provisioning, the new user will not have the back-up certificates and will not be able to revert to factory default.

Parent topic: Manifest Generation