zephyrproject-rtos
diff --git a/‎include/zephyr/net/wifi_certs.h
Lines changed: 40 additions & 0 deletions b/‎include/zephyr/net/wifi_certs.h
Lines changed: 40 additions & 0 deletions
diff --git a/‎modules/hostap/Kconfig
Lines changed: 2 additions & 0 deletions b/‎modules/hostap/Kconfig
Lines changed: 2 additions & 0 deletions
diff --git a/‎subsys/net/l2/wifi/CMakeLists.txt
Lines changed: 1 addition & 0 deletions b/‎subsys/net/l2/wifi/CMakeLists.txt
Lines changed: 1 addition & 0 deletions
diff --git a/‎subsys/net/l2/wifi/Kconfig
Lines changed: 5 additions & 0 deletions b/‎subsys/net/l2/wifi/Kconfig
Lines changed: 5 additions & 0 deletions
@@ -0,0 +1,40 @@
+/*
+ * Copyright (c) 2025 Nordic Semiconductor ASA
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#ifndef WIFI_CERTS_H__
+#define WIFI_CERTS_H__
+
+#include <stdbool.h>
+#include <zephyr/kernel.h>
+#include <zephyr/net/wifi_mgmt.h>
+
+/**
+  * Set Wi-Fi Enterprise credentials.
+  *
+  * Sets up the required credentials for Enterprise mode in both
+  * Access Point and Station modes.
+  *
+  * Certificates typically used:
+  * - CA certificate
+  * - Client certificate
+  * - Client private key
+  * - Server certificate and server key (for AP mode)
+  *
+  * @param iface Network interface
+  * @param AP or Station mode
+  *
+  * @return 0 if ok, < 0 if error
+  */
+int wifi_set_enterprise_credentials(struct net_if *iface, bool is_ap);
+
+/**
+ * Clear Wi-Fi enterprise credentials
+ *
+ * @param Wi-Fi enterprise params
+ */
+void wifi_clear_enterprise_credentials(void);
+
+#endif /* WIFI_CERTS_H__ */
@@ -198,6 +198,7 @@ config WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE
 	select MBEDTLS_SERVER_NAME_INDICATION if MBEDTLS_BUILTIN
 	select MBEDTLS_X509_CRL_PARSE_C
 	select MBEDTLS_TLS_VERSION_1_2
+	select WIFI_CERTIFICATE_LIB
 	depends on !WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE
 
 if WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE
@@ -302,6 +303,7 @@ config WIFI_NM_HOSTAPD_AP
 
 config WIFI_NM_HOSTAPD_CRYPTO_ENTERPRISE
 	bool "Hostapd crypto enterprise support"
+	select WIFI_CERTIFICATE_LIB
 	depends on WIFI_NM_HOSTAPD_AP
 
 if WIFI_NM_HOSTAPD_CRYPTO_ENTERPRISE
 
@@ -13,6 +13,7 @@ zephyr_library_include_directories_ifdef(
   )
 
 zephyr_library_sources_ifdef(CONFIG_NET_L2_WIFI_MGMT wifi_mgmt.c)
+zephyr_library_sources_ifdef(CONFIG_WIFI_CERTIFICATE_LIB wifi_certs.c)
 zephyr_library_sources_ifdef(CONFIG_NET_L2_WIFI_SHELL wifi_shell.c)
 zephyr_library_sources_ifdef(CONFIG_WIFI_NM wifi_nm.c)
 zephyr_library_sources_ifdef(CONFIG_NET_L2_WIFI_UTILS wifi_utils.c)
 
@@ -126,6 +126,11 @@ config WIFI_ENT_IDENTITY_MAX_USERS
 	help
 	  This option defines the maximum number of identity users allowed connection.
 
+config WIFI_CERTIFICATE_LIB
+	bool
+	help
+	  Enable this option to process certificates in enterprise mode.
+
 if WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE
 
 config WIFI_SHELL_RUNTIME_CERTIFICATES
Original file line number	Diff line number	Diff line change
`@@ -13,6 +13,7 @@ zephyr_library_include_directories_ifdef(`
`13`	`13`	`)`
`14`	`14`
`15`	`15`	`zephyr_library_sources_ifdef(CONFIG_NET_L2_WIFI_MGMT wifi_mgmt.c)`
	`16`	`+zephyr_library_sources_ifdef(CONFIG_WIFI_CERTIFICATE_LIB wifi_certs.c)`
`16`	`17`	`zephyr_library_sources_ifdef(CONFIG_NET_L2_WIFI_SHELL wifi_shell.c)`
`17`	`18`	`zephyr_library_sources_ifdef(CONFIG_WIFI_NM wifi_nm.c)`
`18`	`19`	`zephyr_library_sources_ifdef(CONFIG_NET_L2_WIFI_UTILS wifi_utils.c)`