Update the certificates handling logic per reviewer feedback.
The updated flow:
- Mount /dev/mtdblock* (the certificates partition) to /mnt
- Copy its contents to /certificates
- Unmount /mnt
- Extract the PKI 2.0 certificates into /certificates
Signed-off-by: jackcybertan <jack.tsai@cybertan.com.tw>
Ensure PKI2.0 certificates are properly backed up when /certificates is mounted as squashfs (read-only).
Enhance the persistent storage mechanism to retain PKI2.0 certificates across factory resets.
Following the current enrollment behavior, `operational.ca` and `operational.pem` - though restored to `/certificates` after a factory reset - are not directly used during enrollment.
The `est_client` will still download both certificates again as part of the enrollment process.
This patch does not modify that behavior, but simply ensures the certificates are persistently stored across resets.
Impacted models: SonicFi RAP6* series.
Signed-off-by: jackcybertan <jack.tsai@cybertan.com.tw>
