Failing to add Root CA

[0x454447415244]

The integrated Firmware Updater in Arduino IDE for the WiFi101 fails to add Root CA when the CN is an IP address and the CA is self-signed. I tried the standalone firmware updater and it worked.

[facchinm]

I believe the main difference between the standalone updater and the java one is about the certificate verification. Looking at https://github.com/arduino-libraries/WiFi101-FirmwareUpdater-Plugin/blob/master/src/cc/arduino/plugins/wifi101/flashers/java/SSLCertDownloader.java#L82 the acquired certificate gets verifies against Java's known CA certificates and thus it fails for self-signed ones. A quick and dirty test would be adding your own CA to the known list inside the local Java installation (inside Arduino, not in the system-wide one). The key store is located in $ARDUINO_INSTALLATION_FOLDER/java/lib/security/cacerts and a public certificate can be added with keytool -importcert -file certificate.cer -keystore $path/$to/cacerts -alias "Alias"

[klausj1]

@facchinm, I have the same problem. I tried your suggestion, but I am prompted for a password for the keystore which I do not know.

@facchinm, @0x454447415244, I also did not find a "standalone firmware updater".

Any help would be appreciated.

Thanks, Klaus

[facchinm]

@klausj1 you can find the firmware updater here https://github.com/arduino-libraries/WiFi101-FirmwareUpdater/releases

[akash73]

closing this issue, re-open if needed.