User's Manual
Table Of Contents
- AT+i Command Set
- Scope
- AT+i Command Guidelines
- AT+i Command Format
- Escape Code Sequence
- Socket Command Abort
- Flexible Host and Modem Interfaces
- Auto Baud Rate Detection
- High Speed USART
- Reset via Serial Link
- Entering Rescue Mode during Runtime
- Internet Session Hang-Up Procedure (Modem Only)
- Modem Startup
- Analog-to-Digital Converter
- iChip Readiness Indication
- Programming iChip’s Serial Number into Flash Memory
- Programming a Unique ID String into Flash Memory
- General Format
- AT+i Result Code Summary
- Report Status
- Connection
- E-mail Send Commands
- E-Mail Retrieve
- HTTP Client Interface
- SerialNET Mode Initiation
- Web Server Interface
- File Transfer Protocol (FTP)
- +i[@]FOPN — FTP Open Session
- +iFDL — FTP Directory Listing
- +iFDNL — FTP Directory Names Listing
- +iFMKD — FTP Make Directory
- +iFCWD — FTP Change Working Directory
- +iFSZ — FTP File Size
- +iFRCV — FTP Receive File
- +iFSTO — FTP Open File for Storage
- +iFAPN — FTP Open File for Appending
- +iFSND — FTP Send File Data
- +iFCLF — FTP Close File
- +iFDEL — FTP Delete File
- +iFCLS — FTP Close Session
- Telnet Client
- Direct Socket Interface
- +iSTCP — Open and Connect A TCP Socket
- +iSUDP — Open A Connectionless UDP Socket
- +iLTCP — Open A TCP Listening Socket
- +iLSST — Get A Listening Socket’s Active Connection Status
- +iSST — Get A Single Socket Status Report
- +iSCS — Get A Socket Connection Status Report
- +iSSND[%] — Send A Byte Stream to A Socket
- +iSRCV — Receive A Byte Stream from A Socket’s Input Buffer
- +iGPNM — Get Peer Name for A Specified Socket
- +iSDMP — Dump Socket Buffer
- +iSFSH[%] — Flush Socket’s Outbound Data
- +iSCLS — Close Socket
- Special Modem Commands
- Wireless LAN Mode
- IP Registration
- DHCP Client
- DHCP Server
- iRouter Mode
- Ad-Hoc Networks
- Secure Socket Protocol
- Network Time Client
- MIME Encapsulated E-Mail Messages
- Flow Control
- Remote Firmware Update
- iChip Parameter Update
- iChip Embedded Web Server
- Introduction
- Features
- Web Server Modes
- The Application Website
- Parameter Tags
- iChip Configuration Mode
- Host Interaction Mode
- Website Creation, Packing, and Uploading
- Manipulating Variables in the Application Website
- Security and Restrictions
- Parameter Update Error Handling
- File Types Supported by iChip’s Web Server
- iChip RAS Server
- SerialNET Theory of Operation
- File Transfer Protocol (FTP) Theory of Operation
- Telnet Client Operation
- Secure Socket Protocol Theory of Operation
- Remote AT+i Service
- Nonvolatile Parameter Database
- Parameter Descriptions
- +iFD — Restore All Parameters to Factory Defaults
- Operational Parameters
- +iXRC — Extended Result Code
- +iDMD — Modem Dial Mode
- +iMIS — Modem Initialization String
- +iMTYP — Set Type of Modem Connected to iChip
- +iWTC — Wait Time Constant
- +iTTO — TCP Timeout
- +iPGT — PING Timeout
- +iMPS — Max PPP Packet Size
- +iTTR — TCP Retransmit Timeout
- +iBDRF — Define A Fixed Baud Rate on Host Connection
- +iBDRM — Define A Fixed Baud Rate on iChip( Modem Connection
- +iBDRD — Baud Rate Divider
- +iAWS — Activate WEB Server Automatically
- +iLATI — TCP/IP Listening Socket to Service Remote AT+i Commands
- +iFLW — Set Flow Control Mode
- +iCPF — Active Communications Platform
- +iPSE — Set Power Save Mode
- +iSDM — Service Disabling Mode
- +iDF — IP Protocol ‘Don’t Fragment’ Bit Value
- +iCKSM — Checksum Mode
- +iHIF — Host Interface
- +iMIF — Modem Interface
- +iADCL — ADC Level
- +iADCD — ADC Delta
- +iADCT — ADC Polling Time
- +iADCP — ADC GPIO Pin
- +iRRA — iChip Readiness Report Activation
- +iRRHW — iChip Readiness Hardware Pin
- ISP Connection Parameters
- Server Profile Parameters
- +iLVS — ‘Leave on Server’ Flag
- +iDNSn — Define Domain Name Server IP Address
- +iSMTP — Define SMTP Server Name
- +iSMA — SMTP Authentication Method
- +iSMU — Define SMTP Login User Name
- +iSMP — Define SMTP Login Password
- +iPOP3 — Define POP3 Server Name
- +iMBX — Define POP3 Mailbox Name
- +iMPWD — Define POP3 Mailbox Password
- +iNTSn — Define Network Time Server
- +NTOD — Define Network Time-of-Day Activation Flag
- +iGMTO — Define Greenwich Mean Time Offset
- +iDSTD — Define Daylight Savings Transition Rule
- +iPDSn — Define PING Destination Server
- +iPFR — PING Destination Server Polling Frequency
- +iUFn — User Fields and Macro Substitution
- Email Format Parameters
- +iXFH — Transfer Headers Flag
- +iHDL — Limit Number of Header Lines
- +iFLS — Define Filter String
- +iDELF — Email Delete Filter String
- +iSBJ — Email Subject Field
- +iTOA — Define Primary Addressee
- +iTO — Email ‘To’ Description/Name
- +iREA — Return Email Address
- +iFRM — Email ‘From’ Description/Name
- +iCCn — Define Alternate Addressee
- +iMT — Media Type Value
- +iMST — Media Subtype String
- +iFN — Attachment File Name
- HTTP Parameters
- RAS Server Parameters
- LAN Parameters
- Wireless LAN Parameters
- +iWLCH — Wireless LAN Communication Channel
- +iWLSI — Wireless LAN Service Set Identifier
- +iWLWM — Wireless LAN WEP Mode
- +iWLKI — Wireless LAN Transmission WEP Key Index
- +iWLKn — Wireless LAN WEP Key Array
- +iWLPS — Wireless LAN Power Save
- +iWLPP — Personal Shared Key Pass-Phrase
- +iWROM — Enable Roaming in WiFi
- +iWPSI — Periodic WiFi Scan Interval
- +iWSRL — SNR Low Threshold
- +iWSRH — SNR High Threshold
- +iWSIn — Wireless LAN Service Set Identifier Array
- +iWPPn — Pre-Shared Key Passphrase Array
- +iWKYn — Wireless LAN WEP Key Array
- +iWSTn — Wireless LAN Security Type Array
- +iWSEC — Wireless LAN WPA Security
- IP Registration Parameters
- SerialNET Mode Parameters
- +iHSRV | +iHSRn — Host Server Name/IP
- +iHSS — Assign Special Characters to Hosts
- +iDSTR — Define Disconnection String for SerialNET Mode
- +iLPRT — SerialNET Device Listening Port
- +iMBTB — Max Bytes To Buffer
- +iMTTF — Max Timeout to Socket Flush
- +iFCHR — Flush Character
- +iMCBF — Maximum Characters before Socket Flush
- +iIATO — Inactivity Timeout
- +iSNSI — SerialNET Device Serial Interface
- +iSTYP — SerialNET Device Socket Type
- +iSNRD — SerialNET Device Re-Initialization Delay
- +iSPN — SerialNET Server Phone Number
- +iSDT — SerialNET Dialup Timeout
- +iSWT — SerialNET Wake-Up Timeout
- +iPTD — SerialNET Packets to Discard
- Remote Firmware Update Parameters
- Remote Parameter Update
- Note: This default value is shipped from the factory. The AT+iFD command does not restore RPG to this value.
- Appendix A
- Appendix B
- Appendix C
- Index
Secure Socket Protocol Theory of Operation
AT+i Programmer‘s Manual Version 8.32 32-4
2. Enter the command for generating the self-signed root certificate (all text is a single
command typed on one line):
openssl req –x509 –newkey rsa:1024 –out cacert.pem –outform PEM
3. You are prompted to enter a PEM pass phrase. This is your password to the CA
private key. It is essential for the security of the system that both this password and
the CA private key are kept secret.
An encrypted caprivkey.pem file, which is the private key for the CA is now stored under
the private sub-directory. The self-signed cacert.pem file is stored under the top-level
testCA directory.
The cacert.pem certificate can be used to sign new certificate requests as detailed in the
following steps. Alternatively, the cacert.pem certificate can be used as-is in a server
system if the single level hierarchy is considered sufficient.
The cacert.pem certificate has to be loaded into iChip‘s CA parameter to enable iChip to
trust and communicate securely with servers whose certificate is cacert.pem or that use
certificates signed with cacert.pem (see description on how to do that with the
iChipConfig utility or using iChip‘s web server).
32.5 Signing a Certificate with a CA Certificate
32.5.1 Creating a Certificate Request
Now that the CA has been created, you can use it to sign new certificates. In this
example, iChip plays the role of the CA, the certificate subject, and the end-user of the
certificate, so no trust issues exist. A typical process, however, involves communication
between the certificate subject (you) and a trusted CA. Usually someone wishing to issue
certificates to end-users would generate a certificate request file and submit it to the
administrators of a CA. Once the administrators of the CA have determined the request to
be valid, a self-signed root certificate would be used to sign the certificate request and
create a new certificate to be returned to the originator of the request, and eventually to
the end-user.
1. Reset the OPENSSL_CONF environment variable to the default openssl.cnf file.
Generating a request has nothing to do with a CA before it is actually submitted. It is
safe to point OPENSSL_CONF to the default configuration file because it will force
the request command to prompt the user for all information regarding the certificate
request. Set the environment variable to the default file by typing the following:
On Linux\Unix:
OPENSSL_CONF=/OpenSSL/apps/openssl.cnf
export OPENSSL_CONF
On Windows:
set OPENSSL_CONF=C:\OpenSSL\bin\openssl.cnf
2. Generate the request with the following single line command and answer all questions
at the prompt: